Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

LDAP Bind Pass not Hashed in config

V

vito last edited by

should the bind password be hashed for security in config.xml?
Reply Quote 0
1 Reply Last reply
J

jlepthien last edited by

Yeah, I think so, too. There are some security flaws if you do not encrypt the config file like having the WLAN Key in the config in plain text…
Reply Quote 0
1 Reply Last reply
C

cmb last edited by

You can't hash things the system must have in plaintext in order to function.
http://doc.pfsense.org/index.php/Why_are_some_passwords_stored_in_plaintext_in_config.xml%3F
Reply Quote 0
1 Reply Last reply

3
Posts

1472
Views

Log in to reply

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy

1 / 1