Open Solution: please encrypt the admin password!

Foam

2012-10-17 20:48

When we are logged into the admin area, the password field shows the password in clean characters!

Please encrypt it with MD5 or similar and only show a password field ("*****"), otherwise it's too much of a security risk.

» Quick.Cart v5.x

openzibi

2012-10-17 21:57

1. I don't know the systems 100% secure. (computer run over roller?)
2. I assume that you are using a firewall program.
3. To view your password to Quick.Cart I need to know the password for FTP. Password for Quick.Cart can be secured with md5 but if I know the password to your FTP ...

hosting-domeny-strony - http://www.rhh.pl

Foam

2012-10-17 22:56

Just a few days ago, hackers manage to find out the customer passwords of a British bank that saved them as plain text and you're trying to tell me this is safe? You're either trolling or absolutely stupid.

openzibi

2012-10-18 08:20

Yes, you're right. Free Quick.Cart script is not a good choice to handle bank ...

hosting-domeny-strony - http://www.rhh.pl

Foam

2012-10-25 22:08

You're not even good a trolling, you're a douchebag. And you are supposed to be an official OpenSolution partner? I would never do business with you. If you don't see why ecommerce software should be secure you shouldn't be working in IT.

openzibi

2012-10-25 22:22

I agree completely. E-commerce software should be secure.

hosting-domeny-strony - http://www.rhh.pl

treewood (OpenSolution)

2012-10-26 06:37

Foam - start be nice and stop using words to other peoples like: "absolutely stupid", "trolling" and "douchebag". You don't respect other opinion and do you think that other guys will do business with you? I don't think so if they will knew how you will treat them.

zoltanp

2012-11-08 12:25

Try to use a .htaccess file to secure admin folder.
Takes 2 minutes to setup:
http://www.golivecentral.com/pages/txttut/htacc.shtml

Zoltan