View Issue Details

This bug affects 1 person(s).

ID: 09606
Project: Feature requests
Category: Security
View Status: public
Last Update: 2015-04-17 15:38
Reporter: Vitelinside
Assigned To: (none)
Priority: normal
Severity: feature
Status: new
Resolution: open
Summary: 09606: Removing the display of passwords in bounce email
Description:

IT security problems with password display

When using LimeSurvey, a user can choose not to finish the survey and to « resume later ». When clicking on the « resume later » button, the user is asked to type in a login, password and email address. He then receives an email in which his login and password are written; the password is therefore visible, readable, clearly displayed.
However, when the user mistypes his email address, an email is sent to the « bounce email », and this can be an administrator from IT services but it can also be just anyone creating the survey. The problem is that the original email (with login and password) is enclosed in this « Undelivered Mail Returned to Sender » email.
When looking at the login and password it is very easy to infer from the complexity of the password whether it is one used professionally or not.
Therefore this is a major flaw in IT security for users of LimeSurvey, as potentially anyone can have the email address and professional password of LimeSurvey users.
Could this be changed by removing the display of passwords and replacing it with only a complex URL?
Tags: No tags attached.
Bug heat: 254
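An added example, not LimeSurvey code, of the alternative the reporter proposes: the "resume later" email carries a random, response-specific link instead of the user's chosen password. The URL layout, the in-memory store and the seven-day validity window are assumptions; the link is still a bearer secret that a bounce address would receive, but it is scoped to this one saved response rather than being a password the respondent may reuse professionally.

```python
import hashlib
import hmac
import secrets
import time

# Constructed in-memory stand-in for the table of saved responses (assumption:
# LimeSurvey's real storage is not modelled). Only a hash of the resume token
# is kept, so reading the table alone does not yield a working link.
RESUME_STORE = {}

RESUME_TTL_SECONDS = 7 * 24 * 3600  # assumed validity window for a resume link


def create_resume_link(response_id, base_url, now=None):
    """Issue a resume link for a saved response and build the notification email.

    The token is random and specific to this response, so the email (and any
    bounce copy of it) never carries a password the respondent may reuse elsewhere.
    """
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits of randomness; not guessable
    RESUME_STORE[response_id] = {
        "token_hash": hashlib.sha256(token.encode()).hexdigest(),
        "expires": now + RESUME_TTL_SECONDS,
    }
    url = f"{base_url}/resume/{response_id}/{token}"  # hypothetical URL layout
    body = (
        "Your survey answers were saved. Open this link to resume:\n"
        f"{url}\n"
        "The link expires in 7 days."
    )
    return url, body


def redeem_resume_link(response_id, token, now=None):
    """Accept a presented link only if its token matches the stored hash and is unexpired."""
    now = time.time() if now is None else now
    record = RESUME_STORE.get(response_id)
    if record is None or now > record["expires"]:
        return False
    presented = hashlib.sha256(token.encode()).hexdigest()
    # Constant-time comparison so timing does not leak how much of the token matched.
    return hmac.compare_digest(presented, record["token_hash"])


def token_from_url(url):
    """The token is the last path segment of the link (matches the layout above)."""
    return url.rsplit("/", 1)[1]
```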

Users monitoring this issue

User List: Vitelinside

Activities

DenisChenu (developer)

2015-04-17 15:38

Note ~32017

Think we must add a beforeEmail for all email sent by LimeSurvey

https://manual.limesurvey.org/BeforeTokenEmail

Then this can be done in a plugin (and save must be moved in plugin too ...)

Issue History

Date Modified Username Field Change
2015-04-16 13:52 Vitelinside New Issue
2015-04-16 15:54 Vitelinside Issue Monitored: Vitelinside
2015-04-17 15:38 DenisChenu Note Added: 32017