[Date Prev][Date Next]
Security issue : userPassword is shown
- To: firstname.lastname@example.org
- Subject: Security issue : userPassword is shown
- From: Paul Lee <email@example.com>
- Date: Thu, 23 Oct 2008 09:58:16 +0800
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
I use a 3rd party LDAP browser to browse the users that I created. I
can see the userPassword clearly (plain text).
Is there any way to avoid this ?
When I use slapcat command to export to LDIF file, the userPassword
field is encrypted, but why using 3rd party browser will show the
password in plain text ?
Confidential Communication - This e-mail (including any attachments) is confidential and may be
legally privileged. If this e-mail has been sent to you by mistake please inform us by reply
e-mail and then delete the e-mail, destroy any printed copy and do not disclose or use the
information in it.