[Bug 3477] New: Store patron OPAC passwords in plain text
http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3477 Summary: Store patron OPAC passwords in plain text Product: Koha Version: rel_3_0 Platform: PC OS/Version: Windows 2000 Status: NEW Severity: enhancement Priority: P5 Component: Patrons AssignedTo: gmcharlt@gmail.com ReportedBy: jwagner@ptfs.com Estimated Hours: 0.0 Change sponsored?: Sponsored Sponsored by East Brunswick Public Library, East Brunswick, NJ, USA. Library staff wanted to be able to see patron passwords when patrons forget the password and ask. Created a system preference StorePasswordPlaintext and a new borrowers table column named password_plaintext. For non-staff accounts, the current password will appear in the Change Password box on member-password.pl. The code will not display staff account passwords. Plaintext passwords can only be stored for patrons added or patron passwords edited after the syspref is turned on; it cannot retroactively convert existing passwords. Thus, if this capability is desired, the feature must be present and the syspref turned on before patron import. Libraries should consider the security implications of having plaintext passwords visible. -- Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3477 --- Comment #1 from Galen Charlton <gmcharlt@gmail.com> 2009-08-04 01:17:09 --- (In reply to comment #0)
Sponsored by East Brunswick Public Library, East Brunswick, NJ, USA.
Plaintext passwords can only be stored for patrons added or patron passwords edited after the syspref is turned on; it cannot retroactively convert existing passwords. Thus, if this capability is desired, the feature must be present and the syspref turned on before patron import. Libraries should consider the security implications of having plaintext passwords visible.
This worries me, particularly if *staff* passwords are also stored in plaintext. Although it may be water under the bridge with respect to the sponsoring library, typical best practice for password security is to store a password as a one-way hash, and if a patron forgets their password, have the library *reset* it rather than read it off to the patron. -- Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3477 Jane Wagner <jwagner@ptfs.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|gmcharlt@gmail.com |kohaprogrammers@ptfs.com -- Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3477 MJR <mjr@ttllp.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mjr@ttllp.co.uk --- Comment #2 from MJR <mjr@ttllp.co.uk> 2009-09-25 19:54:52 --- (In reply to comment #1)
This worries me, particularly if *staff* passwords are also stored in plaintext. Although it may be water under the bridge with respect to the sponsoring library, typical best practice for password security is to store a password as a one-way hash, and if a patron forgets their password, have the library *reset* it rather than read it off to the patron.
I agree: addition of this syspref appears to be a security bug. It would also prevent a koha login being proof of a user's activity in any security breach. I'm surprised if this isn't against privacy laws in the US, but I'm often surprised by how weak US privacy safeguards are. Should this request be resolved as a WONTFIX? -- Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3477 Nicole C. Engard <nengard@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nengard@gmail.com --- Comment #3 from Nicole C. Engard <nengard@gmail.com> 2009-09-26 00:23:12 --- I also don't think this is a very safe idea. I'm also not sure why the librarian can't simply reset the patron's password when they ask what it is - seems easier and to require no development. -- Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3477 --- Comment #4 from Jane Wagner <jwagner@ptfs.com> 2009-09-26 13:28:40 --- We wrote this at the request of the site, and are obligated to submit it, but we understand the security implications and are prepared to maintain it locally for this site if it seems advisable not to accept it into the main Koha code. -- Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3477 Jane Wagner <jwagner@ptfs.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #5 from Jane Wagner <jwagner@ptfs.com> 2010-04-28 15:26:39 --- This feature has been abandoned, and I am closing the bugzilla entry. -- Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3477 MJR <mjr@ttllp.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|FIXED |WONTFIX --- Comment #6 from MJR <mjr@ttllp.co.uk> 2010-04-28 15:38:01 --- Correcting resolution tag. -- Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
participants (2)
-
bugzilla-daemon@kohaorg.ec2.liblime.com -
bugzilla-daemon@liblime.com