Koha-community
/
Koha
13
5
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Bug 12367 - Import patrons still says "MD5 hash" 

The password hashing algorithm was changed in Bug 9611,
but on Tools > Import patrons, in the text on the right
hand side, it still says:

"'password' should be stored in plaintext, and will be
converted to a MD5 hash"

This has no practical effect, of course, but to someone
evaluating Koha it might give the false impression that
password security is lower than it really is.

To test:
- Look at Tools > Import patrons and verify that it says
  "a MD5 hash"
- Also look at the help page and see the same text
- Apply the patch
- Check that both the tool and the help now says
  "a Bcrypt hash"

I'll do a patch for the docs too.

Signed-off-by: David Cook <dcook@prosentient.com.au>

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
MM-OPAC/theme_dep
Magnus Enger 10 years ago
committed by Tomas Cohen Arazi
parent
8b2ca66290
commit
45b55fc3eb
2 changed files with 2 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      koha-tmpl/intranet-tmpl/prog/en/modules/help/tools/import_borrowers.tt
  2. 2
      koha-tmpl/intranet-tmpl/prog/en/modules/tools/import_borrowers.tt

2
koha-tmpl/intranet-tmpl/prog/en/modules/help/tools/import_borrowers.tt
View File

@ -10,7 +10,7 @@
<blockquote>borrowernumber, cardnumber, surname, firstname, title, othernames, initials, streetnumber, streettype, address, address2, city, zipcode, country, email, phone, mobile, fax, emailpro, phonepro, B_streetnumber, B_streettype, B_address, B_address2, B_city, B_zipcode, B_country, B_email, B_phone, dateofbirth, branchcode, categorycode, dateenrolled, dateexpiry, gonenoaddress, lost, debarred, contactname, contactfirstname, contacttitle, guarantorid, borrowernotes, relationship, ethnicity, ethnotes, sex, password, flags, userid, opacnote, contactnote, sort1, sort2, altcontactfirstname, altcontactsurname, altcontactaddress1, altcontactaddress2, altcontactaddress3, altcontactzipcode, altcontactcountry, altcontactphone, smsalertnumber, patron_attributes</blockquote>
<p style="color: #990000;">Important: The 'password' value should be stored in plain text, and will be converted to a md5 hash (which is an encrypted version of the password).</p>
<p style="color: #990000;">Important: The 'password' value should be stored in plain text, and will be converted to a Bcrypt hash (which is an encrypted version of the password).</p>
<ul>
<li>If your passwords are already encrypted, talk to your systems administrator about options</li>

2
koha-tmpl/intranet-tmpl/prog/en/modules/tools/import_borrowers.tt
View File

@ -158,7 +158,7 @@
</li>
[% END %]
<li>The fields 'branchcode' and 'categorycode' are <b>required</b> and <b>must match</b> valid entries in your database.</li>
<li>'password' should be stored in plaintext, and will be converted to a MD5 hash (if your passwords are already encrypted, talk to your system administrator about options).</li>
<li>'password' should be stored in plaintext, and will be converted to a Bcrypt hash (if your passwords are already encrypted, talk to your system administrator about options).</li>
<li>Date formats should match your system preference, and <b>must</b> be zero-padded, e.g. '01/02/2008'. Alternatively,
you can supply dates in ISO format (e.g., '2010-10-28').
</li>

Write Preview
Loading…
Cancel
Save