by Helfertech

Secure your SuiteCRM password and account data by implementing two-factor authentication with Google Authenticator.

Cancel at any time!
Free Trial

#4223 - Unencrypted passwords

Closed Bug? created by a year ago

I have been recently been tasked with support of a SuiteCRM database using your 2FA plugin, and I have found that we have plaintext passwords stored in our database under a column ht_auth_password . This clearly constitutes a critical security issue for us. Is this something that will be corrected by an upgrade to the latest version? I want to be able to get the system back online as soon as possible.

  1. saeed member avatar

    Helfertech Provider

    a year ago

    Hi Niall,

    We have uploaded a new version 5.2 which stores encrypted passwords instead of plaintext. Please download the latest package from the store.

    Thank you.

This case is public. Please leave out any sensitive information such as URLs, passwords, etc.
Saving Comment Saving Comment...