odoo keeps a record of entries in the system with the password in plain text | Odoo

Apps
Finance

Accounting

Invoicing

Expenses

Spreadsheet (BI)

Documents

Sign
Sales

CRM

Sales

POS Shop

POS Restaurant

Subscriptions

Rental
Websites

Website Builder

eCommerce

Blog

Forum

Live Chat

eLearning
Supply Chain

Inventory

Manufacturing

PLM

Purchase

Maintenance

Quality
Human Resources

Employees

Recruitment

Time Off

Appraisals

Referrals

Fleet
Marketing

Social Marketing

Email Marketing

SMS Marketing

Events

Marketing Automation

Surveys
Services

Project

Timesheets

Field Service

Helpdesk

Planning

Appointments
Productivity

Discuss

Approvals

IoT

VoIP

Knowledge

WhatsApp
Third party apps Odoo Studio Odoo Cloud Platform
Industries
Retail

Book Store

Clothing Store

Hardware Store

Toy Store

Bakery
Services

Odoo Partner

Real Estate

Talent Acquisition

Bike Leasing

Hair Salon

Property Owner Association
Hospitality

Bar and Pub

Fast Food

Fine Dining Restaurant
Health & Fitness

Fitness Center

Sports Club

Wellness Practitioners
Supply Chain

Beverage Distributor

Corporate Gifts

Custom Furniture Production

Micro Brewery
Construction

Construction

Gardening

Solar Energy
...and many more!
Browse all Industries
Community
Learn

Tutorials

Documentation

Certifications

Training

Podcast

Empower Education

Education Program

Scale Up! Business Game

Visit Odoo
Get the Software

Download

Compare Editions

Releases
Collaborate

Github

Forum

Events

Translations

Become a Partner

Register your Accounting Firm
Get Services

Find a Partner

Find an Accountant

Schedule a demo

Customer References

Implementation Services

Development Services

Support

Upgrades
Github Youtube Twitter Linkedin Instagram Facebook Spotify

+1 (650) 691-3277
Get a demo
Pricing
Contact

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Accounting
Inventory
PoS
Project management
MRP

Take the tour

All Posts People Badges

Tags (View all)

odoo v14 accounting v15 odoo16features

About this forum

odoo keeps a record of entries in the system with the password in plain text

2 Replies

2119 Views

Humanoide servicios para la pyme, S.L.N.E.

Hello,

odoo keeps a record of entries in the system with the password in plain text.

It is stored in the datatir in forlder /sesions

Isn't it a vulnerability?

How can I avoid it?

Is it ready a module to solve this?

Thanks.

tell me the path where passwords are stored in clear form? as far as I know, passwords are stored in the database in the form of hashes with salt

Humanoide servicios para la pyme, S.L.N.E.

Author

/odoo/.local/share/Odoo/sessions

Yes, it's true, vulnerability

Does this app help? https://www.odoo.com/apps/modules/10.0/auth_crypt/

Hi

no, this is the default module and it encrypts passwords in the database, and the above describes the vulnerability in the session data are different things

Enjoying the discussion? Don't just read, join in!

Create an account today to enjoy exclusive features and engage with our awesome community!

Sign up