[Xerte] Security concern

Matt Lingard mattlingard at gmail.com
Thu Aug 11 15:46:02 BST 2011


The systems manager at my institution has raised a security concern
regarding the password for the admin account for our Xerte Online toolkit.

I'm told that the password is clear text (ie the characters are visible) in
a table in the database called 'sitedetails' (as it is the management.php
interface). He suggests that this isn't good practice.  Has anyone else had
any concerns raised about this?  We run other services on the same server.

I'm not particularly technical myself, just trying to ascertain the level of
risk.

thanks,
Matt

-- 
Matt Lingard,
Learning Technologist
LSE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte/attachments/20110811/ad1c1bdb/attachment.html>


More information about the Xerte mailing list