Post password stored as plaintext
|Reported by:||ericmann||Owned by:||ryan|
When a user specifies a password for a protected post it's stored as plaintext in the database. Considering the rate at which people recycle personal passwords, does this open a user's site to potential security risks?
While not necessarily our responsibility, this would raise issues if they use the same password for a login and for their protected posts.
Change History (10)
- Keywords post-password removed
- Resolution set to wontfix
- Status changed from new to closed