You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@streampark.apache.org by zhouli <zh...@foxmail.com> on 2023/04/25 02:17:38 UTC

Reset Password Improvement

Hi Team:


StreamaPark supports admin to reset user password, but the reseted password is hardcoded which may brings some security issues, for example, a hacker can use this hardcoded password try to login with&nbsp; for different users. So, I propose to generate and return a random password in backend when reset password.




Best Regards.

Re: Reset Password Improvement

Posted by Huajie Wang <be...@apache.org>.

+1

Hardcoding passwords does pose security risks. Generating and
returning random codes It looks good to me


Best,
Huajie Wang



zhouli <zh...@foxmail.com> 于2023年4月25日周二 10:17写道：

> Hi Team:
>
>
> StreamaPark supports admin to reset user password, but the reseted
> password is hardcoded which may brings some security issues, for example, a
> hacker can use this hardcoded password try to login with&nbsp; for
> different users. So, I propose to generate and return a random password in
> backend when reset password.
>
>
>
>
> Best Regards.