547 bytes, patch
|Details | Diff | Splinter Review|
When editing users via the editusers.cgi page, the user's password is visible. This causes some concern for our users, since they may want to use one of their common passwords. It is trivial to change this field to a password field so the password isn't visible. Someone with rights can still change a users password, they just can't see it on the screen. I've attached a patch to make this change. Bugzilla passwords are still stored in the mysql database as plain text. However, I suspect that very few bugzilla users have direct access to mysql.
Created attachment 9886 [details] [diff] [review] Patch to change password entry to use a HTML password field
Seems like a reasonable very low risk patch to make bugzilla respect privacy. Adding 'patch' keyword for easier querying.
Taking this one...
This has been checked in.
In search of accurate queries.... (sorry for the spam)
this has been working for a long time. marking verified
Moving closed bugs to Bugzilla product