Encrypting users passwords
9 posts by 5 authors in: Forums > CMS Builder
Last Post: February 14, 2011 (RSS)
By Twocans - January 30, 2011
I have just started to play with the cms for the virst time, all seems to be working and I am having fun.
But, I have created some user accounts as I am the admin. When I then use navicat to view my database I see that the passwords for both users and admin are not encryped, this is sometime I feel is very important. Is there something in the control panel that I can check that will make all passwords entered and saved encryped.
cheers
k
Re: [twocans] Encrypting users passwords
By Jason - January 31, 2011
Currently CMS Builder doesn't support encrypting passwords in the database. This is something we're considering implementing in the future.
There is a trade off between security and usability. For example, if a user forgets their password, we have functionality that can send them a reminder of what their password is. If we encrypt the password, we would have to have them reset it.
That being said, CMS Builder is still a very secure piece of software. We've never had a customer have their server hacked as a result of our software.
Hope this helps.
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Re: [Jason] Encrypting users passwords
By Twocans - February 1, 2011
Thanks for your reply
re CMS Builder is still a very secure piece of software. We've never had a customer have their server hacked as a result of our software."
That is great to know. But I am just looking at things from my side, I usually use Navicat for my database, what if someone got access to that then got to the database and played silly buggers with the passwords etc.
I do think it is very important to have the encrypted passwords and would very much like to see it implemented in the future, even as a plugin which also offered captcha.
k
Re: [twocans] Encrypting users passwords
By pod9 - February 10, 2011
Re: [pod9] Encrypting users passwords
By Twocans - February 10, 2011
http://pajhome.org.uk/crypt/md5/
kenny
Re: [twocans] Encrypting users passwords
By Twocans - February 10, 2011
I am now trying to figure how I can add the md5 to the apsswords been inserted using the cms
k
Re: [twocans] Encrypting users passwords
By ross - February 10, 2011
Thanks for posting the example. There is actually quite a bit of work that goes into updating CMS Builder to work with encrypted passwords so it's something we would end up working with you on through our consulting service (consulting@interactivetools.com). Drop me a line through that and we can go over the options.
Thanks!
Cheers,
Ross Fairbairn - Consulting
consulting@interactivetools.com
Hire me! Save time by getting our experts to help with your project.
Template changes, advanced features, full integration, whatever you
need. Whether you need one hour or fifty, get it done fast with
Priority Consulting: http://www.interactivetools.com/consulting/
Re: [ross] Encrypting users passwords
By Twocans - February 10, 2011
All in all I have create websites in asp over the last few years, I use to and still do use a few dreamweaver extensions that do a great job of inserting/ updating/ deleting content etc also a few extensions that offer login features along with encrypted passwords etc. I did have a poke at your cms a few times in the demo, I see it was a way to move over to php. I could go back to re purchasing all my dreamweaver extensions in php but I wanted to really have a good play at what you guys have before making a final decision.
Any way I do find most of my customers would require encrypted passwords, also for the website membership plug-in I and what customers I find feel this is a very important feature. I would like to work with your products in the future, but you mention it is a lot of work to update the cms to do this. I feel it is not in my interest to pay for such a thing so I will have to make my decision in the near future do I find a product else where. I was thinking if you guys were doing some updates that would mean we would have extra features in the next 6 months then I would hang around and wait.
any way, I do like your cms, but it is these few details that really make a difference.
cheers
Kenny
Re: [twocans] Encrypting users passwords
By Damon - February 14, 2011
Appreciate your feedback.
We do have those features on our CMS Builder Features Request but no time line is available for that right now.
Check back in the future and/or subscribe to our newsletter as we announce new versions and features of CMS Builder.
Thanks!
Damon Edis - interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/