Ticket #5921 (new Feature Requests)

Opened 1 year ago

ARI_ADMIN_PASSWORD should be saved as SHA1 hash

Reported by: mustardman Assigned to:
Priority: major Milestone: 2.11
Component: ARI Version: 2.10-branch
Keywords: Cc:
Confirmation: Unreviewed Distro:
Backend Engine: All Distro Ver:
Backend Ver: SVN Revision (if applicable):

Description

A lot of people use the same password for ARI Admin and for FreePBX Admin. The FreePBX admin password is saved as SHA1 hash in the DB but ARI Admin is not. They could then simply log into ARI as admin or try use that password to log into FreePBX as admin.