Opened 15 years ago

Closed 15 years ago

Last modified 15 years ago

#1138 closed bug (Invalid)

Password hashing methode not documented

Reported by: Jonny Owned by: Damien Churchill
Priority: major Milestone:
Component: Web UI Version: 1.2.0
Keywords: Cc:

Description

Hey guys, I tried to change the webui password and that's a really horrible task. You've got to make that easier, or at least outline the steps!

Here are my points:

1) Your method of using the salt may be valid, but unintuitive. I read about salts on wikipedia, and they calculate hash(password+salt) whereas you calculate hash(salt+password). See? You're appending the password, not the salt. Tell people about that.

2) It's pretty hard to get the daemon/webui to actually reload the config. You can't just stop and restart, because they'll override your changes to the config file.

Thanks for being open source. I'd never have found out if it wasn't. On the other hand, being open source is no excuse for poor documentation.

I suggest you simply add a "Change password" box to the gtk-ui.

Change History (2)

comment:1 by John Garland, 15 years ago

Resolution: invalid
Status: newclosed

There isn't any documentation as you should change the password via the preferences page (in the webui). I've added this to the FAQ: http://dev.deluge-torrent.org/wiki/Faq#HowdoIchangethepassword

comment:2 by Jonny, 15 years ago

Thanks, this should help.

Note: See TracTickets for help on using tickets.