Protected post password is plain text in cookie
|Reported by:||dosa||Owned by:|
Once a password is entered for a protected post it is stored as plain text in the cookie for all to see. Surely simply keeping some kind of hash would be better?
Change History (8)
comment:5 @nbachiyski — 7 years ago
- Milestone set to 2.8
- Resolution wontfix deleted
- Status changed from closed to reopened
comment:6 @raxitsheth — 7 years ago
- Priority changed from normal to high
- Severity changed from normal to major
comment:7 @Viper007Bond — 7 years ago
- Priority changed from high to normal
- Severity changed from major to normal
Note: See TracTickets for help on using tickets.