Opened 10 years ago

#2442 new bug

Plaintext auth passwords.

Reported by: WatchDog Owned by:
Priority: major Milestone: Future
Component: Core Version: master
Keywords: Cc:


Deluge stores daemon auth passwords in plain text. Deluge should follow best practice's and store passwords using bcrypt or scrypt.

However, hashing the passwords would cause problems for local clients that read and use the plaintext password from the auth file.

Local clients will need to either be whitelisted or use some other sort of secret only they can known to authenticate.

Change History (0)

Note: See TracTickets for help on using tickets.