https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27812 Kyle M Hall <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #118797|0 |1 is obsolete| | Attachment #119176|0 |1 is obsolete| | --- Comment #22 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 131166 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=131166&action=edit Bug 27812: Remove the ability to transmit a patron's plain text password over email We should not give libraries the ability to compromise patron accounts, it is considered a huge security issue and nobody in network security would ever recommend allowing passwords to be transmitted in clear text over email. It should simply not be possible to send a patron's password in plain text via email. As such, we should remove this ability from Koha. Test Plan: 1) Apply this patch 2) Create a patron to generate the ACCTDETAILS email 3) Note you can no longer transmit the patron's password in the email Signed-off-by: Amit Gupta <amitddng135@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.