[wp-trac] [WordPress Trac] #11813: Post password stored as plaintext
WordPress Trac
wp-trac at lists.automattic.com
Thu Jan 7 17:33:13 UTC 2010
#11813: Post password stored as plaintext
--------------------------+-------------------------------------------------
Reporter: ericmann | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: Unassigned
Component: Security | Version: 2.9.1
Severity: normal | Keywords: post-password
--------------------------+-------------------------------------------------
When a user specifies a password for a protected post it's stored as
plaintext in the database. Considering the rate at which people recycle
personal passwords, does this open a user's site to potential security
risks?
While not necessarily our responsibility, this would raise issues if they
use the same password for a login and for their protected posts.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11813>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list