View Issue Details

ID: 14408
Project: Feature requests
Category: [All Projects] Security
View Status: public
Last Update: 2019-03-23 09:45
Reporter: adelphi_user
Assigned To:
Priority: none
Severity: feature
Status: new
Resolution: open
Product Version:
Target Version:
Fixed in Version:
Summary: 14408: DSGVO - sending password in plain-text with an e-mail is no longer allowed
Description

If a user registers to continue the survey later, an e-mail will be sent to him. In this e-mail the user will find the password in plain text. You can also find the password in plain-text in the URL.
According to the new DSGVO, the sending of passwords in plain-text with an e-mail is no longer allowed. That's why our data protection officer is getting on my roof.
How do you want to deal with this problem in the future?

Thx

Tags: No tags attached.

Relationships

related to 14049 new Feature requests Don't send plain text passwords through mail 
related to 14621 new Feature requests Hardening PHP during installation 

Activities

DenisChenu

2019-01-09 11:54

developer   ~50131

Same for "Create admin user" => we must use "Single password system"

bismark

2019-01-09 14:54

reporter   ~50135

don't call it password ;-)

DenisChenu

2019-01-09 15:26

developer   ~50137

Else: in my opinion, must have a checkbox "Put complete link for reload" Y/N: N is better, but Y didn't update for other user.

My general global opinion: must move whole register system to plugin/extension/module …

LouisGac

2019-01-10 15:11

manager   ~50146

"don't call it password" seems a good solution :)

jelo

2019-03-13 12:02

partner   ~50945

1.) Which section of the DSGVO / GDPR is forbidding passwords via E-Mail?

But even without DSGVO/GDPR sending passwords directly per E-Mail is not good practice.
Why? You assume that the email is reaching the recipient.

For Save / Resume I would recommend showing a pre-created "Surveykey, Accesskey" (plus QR code) and allowing people to choose to have it sent to them via E-Mail. Their choice.

User creation:
Allow not sending a password via E-Mail. If you send a password via E-Mail, make it temporary, or at least have the first sign-in force a change of password.
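
The suggestion in the note above (a mailed password that is temporary and must be changed at first sign-in), sketched as an added example; it is not LimeSurvey code and not part of the ticket. The class and method names, the one-hour lifetime and the in-memory storage are assumptions.

```php
<?php
declare(strict_types=1);
// Hypothetical in-memory store; a real application would use its user table.
final class TempCredentialStore
{
    private const TTL = 3600;   // assumed lifetime of a mailed secret, in seconds
    private array $users = [];  // user => [hash, expires, must_change]

    /** Issue a random one-time secret for the e-mail; only its hash is kept. */
    public function issue(string $user, int $now): string
    {
        $secret = bin2hex(random_bytes(16)); // 128 bits from the CSPRNG
        $this->users[$user] = ['hash' => password_hash($secret, PASSWORD_DEFAULT),
            'expires' => $now + self::TTL, 'must_change' => true];
        return $secret;
    }

    /** Returns 'denied', 'change_required' or 'ok'. */
    public function login(string $user, string $secret, int $now): string
    {
        $rec = $this->users[$user] ?? null;
        if ($rec === null || !password_verify($secret, $rec['hash'])) {
            return 'denied';
        }
        if (!$rec['must_change']) {
            return 'ok';
        }
        // A mailed secret only unlocks the change-password step, and only until it expires.
        return $now <= $rec['expires'] ? 'change_required' : 'denied';
    }

    /** Replace the mailed secret with a password the user chose. */
    public function changePassword(string $user, string $old, string $new, int $now): bool
    {
        if ($this->login($user, $old, $now) === 'denied' || hash_equals($old, $new)) {
            return false;
        }
        $this->users[$user] = ['hash' => password_hash($new, PASSWORD_DEFAULT),
            'expires' => PHP_INT_MAX, 'must_change' => false];
        return true;
    }
}
// Constructed demo: first sign-in, forced change, then reuse of the mailed secret.
$store = new TempCredentialStore();
$t0 = 1552478520; // constructed timestamp
$mailed = $store->issue('alice', $t0);
var_dump($store->login('alice', $mailed, $t0 + 60));
var_dump($store->changePassword('alice', $mailed, 'chosen-by-user', $t0 + 120));
var_dump($store->login('alice', $mailed, $t0 + 180), $store->login('alice', 'chosen-by-user', $t0 + 180));
```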

DenisChenu

2019-03-13 12:16

developer   ~50947

@jelo :

  1. Save and resume : https://gitlab.com/SondagesPro/coreAndTools/reloadAnyResponse/issues/2
  2. Admin email : https://bugs.limesurvey.org/view.php?id=14049

cdorin

2019-03-14 11:16

manager   ~50976

@adelphi_user, can you pinpoint the article in GDPR that stipulates that? I also know that it is not recommended, but still "acceptable".

Nevertheless, we are aware of the issue you describe and we will change it in the upcoming version; I hope :)

Issue History

Date Modified Username Field Change
2019-01-08 17:32 adelphi_user New Issue
2019-01-09 11:54 DenisChenu Note Added: 50131
2019-01-09 14:54 bismark Note Added: 50135
2019-01-09 15:26 DenisChenu Note Added: 50137
2019-01-10 15:11 LouisGac Note Added: 50146
2019-03-12 15:11 DenisChenu Relationship added related to 14049
2019-03-12 15:35 DenisChenu Relationship added related to 14621
2019-03-13 12:02 jelo Note Added: 50945
2019-03-13 12:16 DenisChenu Note Added: 50947
2019-03-14 11:16 cdorin Note Added: 50976