Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reflect on saving passwords in plain-text #42

Open
linusgke opened this issue Dec 17, 2023 · 0 comments
Open

Reflect on saving passwords in plain-text #42

linusgke opened this issue Dec 17, 2023 · 0 comments
Labels
question Further information is requested

Comments

@linusgke
Copy link
Member

Under normal conditions, saving passwords in plain-text is an absolute no-go — end of discussion.
However, the following circumstances make it reasonable to save the student's passwords in plain text for this project:

  • A user's password is server-generated on user creation and cannot be changed by the user
    (Disclosure of private passwords is hence impossible.)
  • Students lose their passwords all the time. Hashed passwords would require re-generating of passwords which is a bit more complex to implement
  • There isn't much at stake! — worst case would be someone voting for someone else, which would be easily discovered
@linusgke linusgke added the question Further information is requested label Dec 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@linusgke