[Dxspider-support] users.v3j/user_json and MD5 user password
Joaquin
joaquin at cronux.net
Thu Sep 15 10:55:10 BST 2022
True Ian, but if it is shared in the future, everything changes. Not
only can content in routing statements progress through the network, it
can also give rise to a centralized DB (as is currently the DXspider
sw), thus being able to download it and make it common for all, that is,
enhance global authentication and stopping the undesirables.
Kin
El 15/09/2022 a las 11:47, Ian Maude via Dxspider-support escribió:
> I don’t find the password field very useful really as it only works on the local node. I wonder if it could be shared, securely, across the network? Currently, it only stops a callsign being pirated locally.
>
> 73 Ian
>
>> On 15 Sep 2022, at 10:13, Joaquin via Dxspider-support <dxspider-support at tobit.co.uk> wrote:
>>
>> Hi Dirk,
>>
>> I have enabled register and password for testing and I have observed that the "passwd" field is saved in the DB in "plain text".
>> I would like to propose a change to an MD5 hash that would be more secure and reliable for users, preventing possible password theft due to improper access or bug, and would open the possibility in the future to share user data without problems.
>>
>> 73 de Kin
>>
>> EA3CV
>>
>>
>> _______________________________________________
>> Dxspider-support mailing list
>> Dxspider-support at tobit.co.uk
>> https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support
>
> _______________________________________________
> Dxspider-support mailing list
> Dxspider-support at tobit.co.uk
> https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support
More information about the Dxspider-support
mailing list