[Koha-bugs] [Bug 27812] New: Remove the ability to transmit a patron's plain text password over email
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Feb 26 19:16:48 CET 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27812
Bug ID: 27812
Summary: Remove the ability to transmit a patron's plain text
password over email
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5 - low
Component: Patrons
Assignee: koha-bugs at lists.koha-community.org
Reporter: kyle at bywatersolutions.com
QA Contact: testopia at bugs.koha-community.org
CC: gmcharlt at gmail.com, kyle.m.hall at gmail.com
We should not give libraries the ability to compromise patron accounts, it is
considered a huge security issue and nobody in network security would ever
recommend allowing passwords to be transmitted in clear text over email. It
should simply not be possible to send a patron's password in plain text via
email. As such, we should remove this ability from Koha.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list