https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33352 Bug ID: 33352 Summary: Password sent by message (accdetails) without decryption Change sponsored?: --- Product: Koha Version: 21.11 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 - low Component: Tools Assignee: koha-bugs@lists.koha-community.org Reporter: pablo.joneslobos@gmail.com QA Contact: testopia@bugs.koha-community.org Hello! I'm using version 21.11 of Koha. In our case, we have user self-registration enabled, and when a user registers, they are automatically sent a Welcome email through Koha messaging. The message includes their account name and password, but the problem is that the password is sent without being encrypted. This did not happen in the previous version. I understand that Koha uses Blowfish encryption. Do you have any idea how to decrypt the password so that it can be displayed? For example, this is the programmed message (accdetails): Hello, <<borrowers.firstname>> <<borrowers.surname>>. Your account has been created in the UNPSJB Library System. Your account details are as follows: Username: <<borrowers.userid>> Password: <<borrowers.password>> The text sent is: Hello, Ximena Vanina XXXX Your account has been created in the UNPSJB Library System. Your account details are as follows: Username: ximenavanina.XXXX Password: $2a$08$orfJ.jWu.RYvR/nhn.gs1e42FnSnliuLuXmsRG38hTP3irEC5BJUS Any ideas? -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.