Kinook Software Forum

Kinook Software Forum (https://www.kinook.com/Forum/index.php)
-   [UR] Suggestions (https://www.kinook.com/Forum/forumdisplay.php?f=25)
-   -   Please verify current password when changing DB password (https://www.kinook.com/Forum/showthread.php?t=3939)

teratorn 02-13-2009 12:53 AM

Please verify current password when changing DB password
 
Since, as I understand it, UR is cryptographically secure.
So, when a password has been set, it is vitally
important that a malicious user can't easily change a DB
password by sitting down at the keyboard (either
physically, or remotely with screen control software,
trojan horses, etc).

Backups can't always save you if you aren't using
secure versioning of your Info Database... the backup
copy can get overwritten with the newly encrypted file
that you don't know the password to.

Standard security practice dictates that you always do a
password check for things like this... should be a no-
brainer to implement, I imagine.

Thanks for listening. -teratorn

kinook 08-04-2009 04:19 PM

In UR Pro v4, the Change Password dialog require the current password to be entered in order to change or remove the password.


All times are GMT -5. The time now is 05:24 AM.


Copyright © 1999-2023 Kinook Software, Inc.