You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
the constrain is that, unless using OAuth (for which there is a pending issue #25 and which itself will need to store secret keys) we need to be able to recover the password, would stocking the password as a hash of a symmetric algorithm (like base64) address your concern?
The
config.md
documentation document suggests users to store their account credentials for allowing write operations.The special page
write_operations.md
mentions the fact of clear text storage, but far away even fromREADME.md
.Would it be possible to provide the password as a secure hash to the remote auth endpoint instead?
The text was updated successfully, but these errors were encountered: