Are passwords now encrypted by default in version 7?
I have read many places that a mod needs to be installed for the passwords to be encrypted but they were for version 6.
If I need to install a mod, what is it called? I have only found "Password Encryption" but I think that is for email only?
Please advise, I am very new to OpenERP and want to make it secure.
Please, search before post new answer. This is a common question: https://accounts.openerp.com/forum/Help-1/question/6545
Just checked with my 7.0 installation and the passwords are not encrypted. However, I wonder what security problem you are worried about? Encrypted passwords in the database only mean that somebody who connects directly to your db, or who gets access to a database dump can't see the user passwords (which is of course a good thing in itself). Access to the database and its dumps should be restricted as there is far more than just user passwords that is potentially sensitive information in an ERP. Password encryption does not increase the security of the application in any way.
If you are worried about the general security of OpenERP that are other more important things to be concerned about, such only allowing connections to your OpenERP server using SSL.
Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!
About This Community
|Asked: 4/3/13, 1:27 PM|
|Seen: 3197 times|
|Last updated: 3/16/15, 8:10 AM|