https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30649
--- Comment #24 from David Cook <dc...@prosentient.com.au> --- (In reply to Katrin Fischer from comment #23) > It might also hinder a a quick desaster recovery to a different server? At > least something more to think about for backups etc. With the encryption key in koha-conf.xml, they wouldn't be able to decrypt the encrypted passwords in the database either. (In reply to Kyle M Hall from comment #22) > (In reply to Victor Grousset/tuxayo from comment #21) > > That's why I wondered if there was any gain compared to just storing the > > passwords into koha-conf.xml directly? (or another file) > > Simply put, imo, that would mean librarians could no longer update that data > without help from the server administrator, making their jobs more difficult. Agreed with Kyle. There needs to be a balance between security and functionality/convenience. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
