[Koha-bugs] [Bug 3477] New: Store patron OPAC passwords in plain text
bugzilla-daemon at liblime.com
bugzilla-daemon at liblime.com
Sun Aug 2 20:01:10 CEST 2009
http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=3477
Summary: Store patron OPAC passwords in plain text
Product: Koha
Version: rel_3_0
Platform: PC
OS/Version: Windows 2000
Status: NEW
Severity: enhancement
Priority: P5
Component: Patrons
AssignedTo: gmcharlt at gmail.com
ReportedBy: jwagner at ptfs.com
Estimated Hours: 0.0
Change sponsored?: Sponsored
Sponsored by East Brunswick Public Library, East Brunswick, NJ, USA.
Library staff wanted to be able to see patron passwords when patrons forget the
password and ask. Created a system preference StorePasswordPlaintext and a new
borrowers table column named password_plaintext. For non-staff accounts, the
current password will appear in the Change Password box on member-password.pl.
The code will not display staff account passwords.
Plaintext passwords can only be stored for patrons added or patron passwords
edited after the syspref is turned on; it cannot retroactively convert existing
passwords. Thus, if this capability is desired, the feature must be present
and the syspref turned on before patron import. Libraries should consider the
security implications of having plaintext passwords visible.
--
Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the Koha-bugs
mailing list