User's password encryption

4 posts by 2 authors in: Forums > CMS Builder
Last Post: July 12, 2013   (RSS)

By incube - July 9, 2013

Is it normal that the admin password is not encrypted in the cms_account BD'S but the other one created after the installation are all encrypted with sha1 ???

By gregThomas - July 9, 2013

Hi incube,

Thanks for bringing this to our attention. We will ensure that in the next release of CMS Builder the admin password is automatically encrypted as the CMS is installed.

For now there are several ways to encrypt the admins password after an install of CMS Builder:

  • A user enters an invalid password  while logging into the CMS.
  • The user clicks "Save" on the "My Account" menu.
  • An admin saves or updates their account record.
  • Website Membership Plugin: A user entered an invalid password into the login form. 

Let me know if you have any questions.

Cheers

Greg

Greg Thomas







PHP Programmer - interactivetools.com

By incube - July 9, 2013

In fact, I've tried to implement a section with passwords protection which is using CMS accounts... I've came to the problem I wasn't able to connect correctly since there is one user without any protection and other ones have an encryption.

I did something else to make it possible. 

But I'll know for the next time.