Suggestions towards the hardcoded password #5843
Labels
area/core
Issues or PRs related to the Halo Core
kind/improvement
Categorizes issue or PR as related to a improvement.
System information
no
What is the project operation method?
Source Code
What happened?
Why you need it?
We've identified that the password is hardcoded in the source code here.
You can see the hardcoded key "changeit".
How could it be?
We understand that halo is a tool for building websites, but as long as the template allows for hardcoded password, this will also exist in downstream projects. That is, the developers who use halo for website building may still hardcode their passwords in the source code although these passwords may be change to something else rather than "changeit".
Suggestion
So, I suggest that the password should be stored in a more secure way, and I'm sure this will make halo better!
Relevant log output
No response
Additional information
No response
The text was updated successfully, but these errors were encountered: