News:

Looking for documentation? Take a look on our wiki

Main Menu

SO disappointed in Virtuemart's own site (not the product)

Started by rand486, August 14, 2012, 18:53:35 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

rand486

August 14, 2012, 18:53:35 PM
While I love Virtuemart, I have to say how disappointed I am in the Virtuemart site itself.  I just paid for an extension, which again, runs great, but I was shocked to find in my inbox, an email with my username and password in plaintext.  Surely, as developers of an eStore, and having to worry about security and PCI compliance, you've heard of a cryptographic hash code http://en.wikipedia.org/wiki/Cryptographic_hash_function.

Passwords should never be stored in plaintext, or in a two-way encryption process.  I am very uneasy about how Virtuemart's own website stores its customers' information now.

Milbo

#1
August 14, 2012, 21:11:15 PM
This is the usual way joomla is confirming your registration. The password is not plain stored
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/
Print
Go Up Pages1
User actions