Project

General

Profile

Avoiding plaintext password over the wire

Added by Nathan Ferry over 14 years ago

I was noticing that Redmine sends plaintext passwords over the network between the browser and server (using LDAP auth). Is there any way to configure RM to encrypt passwords in the browser? The only other option I can see is to set up SSL for the login page (which would be overkill for the projects we use Redmine for, but I still don't want to send our network passwords as plaintext).