| Global Admin DB Password field shouldn't be plain text [message #14055] |
Tue, 04 November 2003 20:16  |
Anonymous
|
|
|
|
This is driving me up a wall. I hate seeing my password in plain text there. I don't think *any* passwords should just sit there in plain text in your browser.
Any chance this will change in the near future? Even if not, is there a patch or a bit of code I can throw in to change that field? Idealy, I'd like to see it encrypted all over, but failing that, I'll feel a bit more comfortable if we can just change the field type to password.
I found were "print_string_field" is used. Is it as simple as changing that to "print_password_field" or somesuch?
|
|
|
|
| Re: Global Admin DB Password field shouldn't be plain text [message #14056 is a reply to message #14055] |
Tue, 04 November 2003 21:13  |
Ilia
Messages: 13241
Registered: January 2002
Karma: 0
|
Senior Member
Administrator
Core Developer |
|
|
PHP does not include any native 2 way encryption algorithms so encryption is out of the question. Changing the field to plain text would only create an-annoyance since you won't be able to see the value and thus possible typos in the password.
FUDforum Core Developer
|
|
|
|
| Re: Global Admin DB Password field shouldn't be plain text [message #14107 is a reply to message #14056] |
Wed, 05 November 2003 19:36 |
|
Anonymous
|
|
|
|
But that's the point. I don't *want* to see the value. I don't want someone standing over my shoulder when I click the admin link and see my password. I guess it'd be one thing if it was buried somewhere, but it's the default page that pops up as soon as I enter the admin control panel. Sure, there could be a typo, but lots of us are *used* to hidden passwords and make it a point to *not* typo when we put them in.
If you can't include encryption, that's fine. I doubt anyone's gonna be digging around enough to find it in the files, but it makes me uncomfortable seeing my password sitting there in plain text. It's far more of an annoyance for that reason then for the possibility of a typo.
I'm not even asking that you change it globally to future releases, I just want to know how to change it on *mine*.
Thanks.
|
|
|
|
| Re: Global Admin DB Password field shouldn't be plain text [message #14109 is a reply to message #14107] |
Wed, 05 November 2003 19:48 |
Ilia
Messages: 13241
Registered: January 2002
Karma: 0
|
Senior Member
Administrator
Core Developer |
|
|
Simply make a copy of the current function which displayed text fields. And make it output password field type rather then text. Then modify the code responsible for display of MySQL password option to use the new function.
FUDforum Core Developer
|
|
|
|
|
|
|
|
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]