You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@streampark.apache.org by zhouli <zh...@foxmail.com> on 2023/04/25 02:17:38 UTC
Reset Password Improvement
Hi Team:
StreamaPark supports admin to reset user password, but the reseted password is hardcoded which may brings some security issues, for example, a hacker can use this hardcoded password try to login with for different users. So, I propose to generate and return a random password in backend when reset password.
Best Regards.
Re: Reset Password Improvement
Posted by Huajie Wang <be...@apache.org>.
+1
Hardcoding passwords does pose security risks. Generating and
returning random codes It looks good to me
Best,
Huajie Wang
zhouli <zh...@foxmail.com> 于2023年4月25日周二 10:17写道:
> Hi Team:
>
>
> StreamaPark supports admin to reset user password, but the reseted
> password is hardcoded which may brings some security issues, for example, a
> hacker can use this hardcoded password try to login with for
> different users. So, I propose to generate and return a random password in
> backend when reset password.
>
>
>
>
> Best Regards.