Removing plaintext password from config file?
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
widelands |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
The current configuration file in trunk contains the plaintext password (for users of build19) and the hashed password (for users of trunk). The idea was that users (mainly developers) that are using both versions don't loose their saved password.
Do we still want to support this double-usage of build19- and build20+ ? Removing the plaintext password (by removing line 755 in wlapplication.cc) would be inconvenient for users of both versions but would increase the password security for the other users.
I would be in favor of removing it, since I guess the number of users using both versions will shrink quickly as soon as the Linux distributions pick up the new build for the repositories (and they no longer need the build19 version for playing with people online).
Changed in widelands: | |
status: | New → Confirmed |
I'm in favor of removing it for Build 21. The mix will make it easier for users to make the transition and not get login errors when they have just updated.