Default Password Encryption of clear - should be SSHA #36

New Issue

Open

opened 2015-09-25 04:57:50 +00:00 by deon · 1 comment

deon commented 2015-09-25 04:57:50 +00:00 (Migrated from gitlab.dege.au)

Copy Link

Not sure if this exists yet.

When creating a new LDAP user, the default password setting/encryption is CLEAR?????

This is a problem, for example, When using Softerra's LDAP browser, anyone is able to view the password, without even authenticating, in plain text. I do not think this is a good practice, at least for the default.

I reccomend SSHA, and as the Default. It will work with Almost any Linux Distro.

My Specs:
CentOS 6.4
PHPLDAPAdmin 1.2.3
OpenLDAP: slapd 2.4.23

Not sure if this exists yet. When creating a new LDAP user, the default password setting/encryption is CLEAR????? This is a problem, for example, When using Softerra's LDAP browser, anyone is able to view the password, without even authenticating, in plain text. I do not think this is a good practice, at least for the default. I reccomend SSHA, and as the Default. It will work with Almost any Linux Distro. My Specs: CentOS 6.4 PHPLDAPAdmin 1.2.3 OpenLDAP: slapd 2.4.23

deon commented 2015-09-25 04:58:04 +00:00 (Migrated from gitlab.dege.au)

Copy Link

Login to PHPLA --> Create Child Entry --> Create Generic User Account -->

to the right of the two password lines, the default is clear, and would be much better if it was SSHA

Login to PHPLA --> Create Child Entry --> Create Generic User Account --> to the right of the two password lines, the default is clear, and would be much better if it was SSHA

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

BRANCH-2.0

BRANCH-1.2

SANDPIT.new

SANDPIT

documentation

BRANCH-1.1

BRANCH-1.0

BRANCH-0.9.7

BRANCH-0.9.8

BRANCH-0.9.6

BRANCH-0.9.4

1.2.6.6

1.2.6.5

1.2.6.4

1.2.6.3

1.2.6.2

1.2.6.1

1.2.6

1.2.5

1.2.4

RELEASE-1.2.3

1.2.3

RELEASE-1.2.2

RELEASE-1.2.1.1

RELEASE-1.2.1

RELEASE-1.2.0.5

RELEASE-1.2.0.4

RELEASE-1.2.0.3

RELEASE-1.2.0.2

RELEASE-1.2.0.1

RELEASE-1.2.0

RELEASE-1.2.0-rc1

RELEASE-1.1.0.7

RELEASE-1.1.0.6

RELEASE-1.1.0.5

RELEASE-1.1.0.4

RELEASE-1.1.0.3

RELEASE-1.1.0.2

RELEASE-1.0.2

RELEASE-1.0.1

RELEASE-0.9.8.5

RELEASE-0.9.8.4

RELEASE-0.9.8.3

RELEASE-0.9.8.2

RELEASE-1.1.0.1

RELEASE-1.1.0

RELEASE-1.0.0

RELEASE-0.9.8.1

RELEASE-0.9.8

RELEASE-0.9.7.2

RELEASE-0.9.7.1

RELEASE-0.9.7

RELEASE-0.9.6c

RELEASE-0.9.6b

RELEASE-0.9.6a

RELEASE-0.9.6

RELEASE-0.9.5

RELEASE-0.9.4b

RELEASE-0.9.4a

RELEASE-0.9.4

RELEASE-0.9.3

RELEASE-0.9.2

RELEASE-0.9.1

RELEASE-0.9.0

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: deon/phpldapadmin#36

No description provided.