Thanks Pat.<br><br>If anyone has made these changes, or alternatively, feels our concerns are unnecessary I'd be interested to hear.<br>Regards,<br>Matt<br><br><div class="gmail_quote">On Thu, Aug 11, 2011 at 4:04 PM, Pat Lockley <span dir="ltr"><<a href="mailto:patrick.lockley@googlemail.com">patrick.lockley@googlemail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">When I wrote it, we attached the caveat that we didn't advise people<br>
on the security of their installs.<br>
<br>
If you'd prefer to had it encoded, then the changes can be made in<br>
management.php to address storing the password in a different form.<br>
<div><div></div><div class="h5"><br>
On Thu, Aug 11, 2011 at 3:46 PM, Matt Lingard <<a href="mailto:mattlingard@gmail.com">mattlingard@gmail.com</a>> wrote:<br>
> The systems manager at my institution has raised a security concern<br>
> regarding the password for the admin account for our Xerte Online toolkit.<br>
><br>
> I'm told that the password is clear text (ie the characters are visible) in<br>
> a table in the database called 'sitedetails' (as it is the management.php<br>
> interface). He suggests that this isn't good practice. Has anyone else had<br>
> any concerns raised about this? We run other services on the same server.<br>
><br>
> I'm not particularly technical myself, just trying to ascertain the level of<br>
> risk.<br>
><br>
> thanks,<br>
> Matt<br>
><br>
> --<br>
> Matt Lingard,<br>
> Learning Technologist<br>
> LSE<br>
><br>
><br>
><br>
</div></div>> This message and any attachment are intended solely for the addressee and<br>
> may contain confidential information. If you have received this message in<br>
> error, please send it back to me, and immediately delete it. Please do not<br>
> use, copy or disclose the information contained in this message or in any<br>
> attachment. Any views or opinions expressed by the author of this email do<br>
> not necessarily reflect the views of the University of Nottingham.<br>
><br>
> This message has been checked for viruses but the contents of an attachment<br>
> may still contain software viruses which could damage your computer system:<br>
> you are advised to perform your own checks. Email communications with the<br>
> University of Nottingham may be monitored as permitted by UK legislation.<br>
><br>
> _______________________________________________<br>
> Xerte mailing list<br>
> <a href="mailto:Xerte@lists.nottingham.ac.uk">Xerte@lists.nottingham.ac.uk</a><br>
> <a href="http://lists.nottingham.ac.uk/mailman/listinfo/xerte" target="_blank">http://lists.nottingham.ac.uk/mailman/listinfo/xerte</a><br>
><br>
> This message and any attachment are intended solely for the addressee and<br>
> may contain confidential information. If you have received this message in<br>
> error, please send it back to me, and immediately delete it. Please do not<br>
> use, copy or disclose the information contained in this message or in any<br>
> attachment. Any views or opinions expressed by the author of this email do<br>
> not necessarily reflect the views of the University of Nottingham.<br>
><br>
> This message has been checked for viruses but the contents of an attachment<br>
> may still contain software viruses which could damage your computer system:<br>
> you are advised to perform your own checks. Email communications with the<br>
> University of Nottingham may be monitored as permitted by UK legislation.<br>
><br>
><br>
><br>
<br>
_______________________________________________<br>
Xerte mailing list<br>
<a href="mailto:Xerte@lists.nottingham.ac.uk">Xerte@lists.nottingham.ac.uk</a><br>
<a href="http://lists.nottingham.ac.uk/mailman/listinfo/xerte" target="_blank">http://lists.nottingham.ac.uk/mailman/listinfo/xerte</a><br>
</blockquote></div><br><br clear="all"><br>-- <br>Matt Lingard,<br>Educational Technology Consultant<br>+44 (0)7801 276 559<br><a href="http://uk.linkedin.com/in/mattlingard">http://uk.linkedin.com/in/mattlingard</a><br>
<br><br>