What do you mean by "stored"? web2py does not store password_two -- it simply compares it to the first password entry to make sure they match. Only one copy of the password is stored in db.auth_user, and it is hashed.
Anthony On Sunday, May 7, 2017 at 5:28:38 AM UTC-4, Yebach wrote: > > Hello > > I just discovered the following behavior when user fills the user > registration form > > in my form i have confirm password. and in storage the following values > are stored > > <Storage {'first_name': 'jest', 'last_name': 'ti', 'password_two': '1234', > 'id': 193L, 'organization': 'testorgalalal', 'password': > <gluon.validators.LazyCrypt object at 0x000000000BD94710>, 'email': ' > test_m...@gmail.com'}> > > as you can see the password_two is not encrypted. > > In case i forgot to set the encryption I am just giving you a heads up > > Is this a bug or is it a feature? :) > > best regards > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.