[ https://issues.apache.org/jira/browse/OFBIZ-1151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12542940 ]
Jonathon Wong commented on OFBIZ-1151: -------------------------------------- BJ said: > for creation of employees they like to use a password they will remember. For the sake of easy migration, we could add a temporary field beside each password, say "isRehashed" (boolean). If "isRehased" is false, process incoming password with the old codes without salt, and then rehash it with salt, and then set "isRehashed" to true. > Passwords are not seeded > ------------------------ > > Key: OFBIZ-1151 > URL: https://issues.apache.org/jira/browse/OFBIZ-1151 > Project: OFBiz > Issue Type: Improvement > Components: party > Affects Versions: SVN trunk, Release Branch 4.0 > Reporter: Wickersheimer Jeremy > Assignee: Jacques Le Roux > Priority: Minor > > Password are currently hashed but not seeded which may be a security issue. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.