What do you mean by "stored"? web2py does not store password_two -- it
simply compares it to the first password entry to make sure they match.
Only one copy of the password is stored in db.auth_user, and it is hashed.
Anthony
On Sunday, May 7, 2017 at 5:28:38 AM UTC-4, Yebach wrote:
>
> Hello
>
> I just discovered the following behavior when user fills the user
> registration form
>
> in my form i have confirm password. and in storage the following values
> are stored
>
> <Storage {'first_name': 'jest', 'last_name': 'ti', 'password_two': '1234',
> 'id': 193L, 'organization': 'testorgalalal', 'password':
> <gluon.validators.LazyCrypt object at 0x000000000BD94710>, 'email': '
> test_m...@gmail.com'}>
>
> as you can see the password_two is not encrypted.
>
> In case i forgot to set the encryption I am just giving you a heads up
>
> Is this a bug or is it a feature? :)
>
> best regards
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
