I was doing some testing, trying to diagnose a different issue, and found that passwords are not encrypted on clicking “submit” on registration (/registration). I used Firefox looked at the request, you can see the password in clear-text.
I also looked at the /login page, and any user registered using UM also has this issue of the password being sent in clear-text.
- The topic ‘Bug? Passwords in Clear Text’ is closed to new replies.