Opened 18 years ago

Last modified 18 years ago

#935 closed Bug report

Admin password plaintext

Reported by: thenman Owned by:
Priority: normal Component: FileZilla Server
Keywords: Cc: thenman, Tim Kosse
Component version: Operating system type:
Operating system version:


Why is the Admin password in plaintext? Why isn't
crypted like the user passwords (in md5)?

Please encrypt this ADMIN password.


Change History (1)

comment:1 by Tim Kosse, 18 years ago

Unfortunately not possible since the admin interface uses a
challenge-response type authentication. Regardsless of any
encryption, if someone knows the admin password in any form,
he can connect to the admin interface. MD5 wouldn't help here.

The used authentication method uses a similar concept as
HTTP Digest authentication.

Note: See TracTickets for help on using tickets.