Odoo is the world's easiest all-in-one management software. It includes hundreds of business apps:
CRM | e-Commerce | Accounting | Inventory | PoS | Project management | MRP | etc.
The Question has been closedby
I opened the database and i found that user's passwords stored as it was provided in UI (in clear text), am i missing something?, is there is any configurations that i missed?!, or really openERP stores passwords like that?
As i know that in term of security it is a very bad practice to store passwords without strong hashing (SHA-256+) and salting!
Well, actually that's a feature, so that it's possible to recover lost passwords.
As for the reason for cleartext passwords: once you switch to encrypted passwords you can't recover user passwords anymore . So enabling it is a choice, because there's no going back. We don't currently plan to make passwords encrypted by default.
See the full discussion on the "base_crypt and users_ldap don't work together" bug report.
EDIT: the above presents publicly available points of view from OpenERP SA people, and does not reflect any personal opinion on the subject.
About This Community
Odoo Training Center
Access to our E-learning platform and experience all Odoo Apps through learning videos, exercises and Quizz.Test it now
|Asked: 3/17/13, 10:28 AM|
|Seen: 6892 times|
|Last updated: 3/16/15, 8:10 AM|