Opened 14 years ago

Last modified 14 years ago

#935 closed Bug report

Admin password plaintext

Reported by: thenman Owned by:
Priority: normal Component: FileZilla Server
Keywords: Cc: thenman, Tim Kosse
Component version: Operating system type:
Operating system version:

Description

Why is the Admin password in plaintext? Why isn't
crypted like the user passwords (in md5)?

Please encrypt this ADMIN password.

Thanks.

Change History (1)

comment:1 Changed 14 years ago by Tim Kosse

Unfortunately not possible since the admin interface uses a
challenge-response type authentication. Regardsless of any
encryption, if someone knows the admin password in any form,
he can connect to the admin interface. MD5 wouldn't help here.

The used authentication method uses a similar concept as
HTTP Digest authentication.

Note: See TracTickets for help on using tickets.