deon
/
phpldapadmin
1
0
Fork 0
Code Issues 36 Pull Requests Packages Projects Releases Wiki Activity

Default Password Encryption of clear - should be SSHA #36

New Issue
Open
opened 2015-09-25 04:57:50 +00:00 by deon · 1 comment
deon commented 2015-09-25 04:57:50 +00:00 (Migrated from gitlab.dege.au)
Copy Link

Not sure if this exists yet.

When creating a new LDAP user, the default password setting/encryption is CLEAR?????

This is a problem, for example, When using Softerra's LDAP browser, anyone is able to view the password, without even authenticating, in plain text. I do not think this is a good practice, at least for the default.

I reccomend SSHA, and as the Default. It will work with Almost any Linux Distro.

My Specs:
CentOS 6.4
PHPLDAPAdmin 1.2.3
OpenLDAP: slapd 2.4.23

Not sure if this exists yet. When creating a new LDAP user, the default password setting/encryption is CLEAR????? This is a problem, for example, When using Softerra's LDAP browser, anyone is able to view the password, without even authenticating, in plain text. I do not think this is a good practice, at least for the default. I reccomend SSHA, and as the Default. It will work with Almost any Linux Distro. My Specs: CentOS 6.4 PHPLDAPAdmin 1.2.3 OpenLDAP: slapd 2.4.23
deon commented 2015-09-25 04:58:04 +00:00 (Migrated from gitlab.dege.au)
Copy Link

Login to PHPLA --> Create Child Entry --> Create Generic User Account -->

to the right of the two password lines, the default is clear, and would be much better if it was SSHA

Login to PHPLA --> Create Child Entry --> Create Generic User Account --> to the right of the two password lines, the default is clear, and would be much better if it was SSHA
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
BRANCH-2.0
BRANCH-1.2
SANDPIT.new
SANDPIT
documentation
BRANCH-1.1
BRANCH-1.0
BRANCH-0.9.7
BRANCH-0.9.8
BRANCH-0.9.6
BRANCH-0.9.4
1.2.6.6
1.2.6.5
1.2.6.4
1.2.6.3
1.2.6.2
1.2.6.1
1.2.6
1.2.5
1.2.4
RELEASE-1.2.3
1.2.3
RELEASE-1.2.2
RELEASE-1.2.1.1
RELEASE-1.2.1
RELEASE-1.2.0.5
RELEASE-1.2.0.4
RELEASE-1.2.0.3
RELEASE-1.2.0.2
RELEASE-1.2.0.1
RELEASE-1.2.0
RELEASE-1.2.0-rc1
RELEASE-1.1.0.7
RELEASE-1.1.0.6
RELEASE-1.1.0.5
RELEASE-1.1.0.4
RELEASE-1.1.0.3
RELEASE-1.1.0.2
RELEASE-1.0.2
RELEASE-1.0.1
RELEASE-0.9.8.5
RELEASE-0.9.8.4
RELEASE-0.9.8.3
RELEASE-0.9.8.2
RELEASE-1.1.0.1
RELEASE-1.1.0
RELEASE-1.0.0
RELEASE-0.9.8.1
RELEASE-0.9.8
RELEASE-0.9.7.2
RELEASE-0.9.7.1
RELEASE-0.9.7
RELEASE-0.9.6c
RELEASE-0.9.6b
RELEASE-0.9.6a
RELEASE-0.9.6
RELEASE-0.9.5
RELEASE-0.9.4b
RELEASE-0.9.4a
RELEASE-0.9.4
RELEASE-0.9.3
RELEASE-0.9.2
RELEASE-0.9.1
RELEASE-0.9.0
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: deon/phpldapadmin#36
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?