İçereği Atla
Menü
Bu soru işaretlendi
2 Cevaplar
9445 Görünümler

Are passwords now encrypted by default in version 7?

I have read many places that a mod needs to be installed for the passwords to be encrypted but they were for version 6.

If I need to install a mod, what is it called? I have only found "Password Encryption" but I think that is for email only?

Please advise, I am very new to OpenERP and want to make it secure.

Avatar
Vazgeç
En İyi Yanıt

Please, search before post new answer. This is a common question: https://accounts.openerp.com/forum/Help-1/question/6545

Avatar
Vazgeç
En İyi Yanıt

Just checked with my 7.0 installation and the passwords are not encrypted. However, I wonder what security problem you are worried about? Encrypted passwords in the database only mean that somebody who connects directly to your db, or who gets access to a database dump can't see the user passwords (which is of course a good thing in itself). Access to the database and its dumps should be restricted as there is far more than just user passwords that is potentially sensitive information in an ERP. Password encryption does not increase the security of the application in any way.

If you are worried about the general security of OpenERP that are other more important things to be concerned about, such only allowing connections to your OpenERP server using SSL.

Avatar
Vazgeç

For one thing, it means that if a server is compromised as you described, if users have used the same passwords elsewhere, their accounts everywhere else haven't been compromised too...

İlgili Gönderiler Cevaplar Görünümler Aktivite
2
Şub 21
17280
2
Mar 15
3673
1
Nis 24
26484
0
Ara 24
9449
0
May 25
1529