When creating a Member with a user generated password (from password field in a form), the submitted password is stored in plain text in the form entries (UFRecords).
Would you consider a workflow option (checkbox?) to clear the field from the record itself during the workflow execution, or perhaps update the record with the hashed password instead?
If the workflow failed (i.e. wrong email format), is it worth clearing the password in all cases, to ensure we never store submitted password in plain text?
Passwords in plain text
When creating a Member with a user generated password (from password field in a form), the submitted password is stored in plain text in the form entries (UFRecords).
Would you consider a workflow option (checkbox?) to clear the field from the record itself during the workflow execution, or perhaps update the record with the hashed password instead?
Thanks for the great package.
Hi James.
Big thank you James. A new version of this package is now avalible that clears the password record field.
Here is a demo:
Take care! :)
Thanks for this update, it's been very useful.
If the workflow failed (i.e. wrong email format), is it worth clearing the password in all cases, to ensure we never store submitted password in plain text?
is working on a reply...