Hashing the passwords (Do not store in clear text)

Submitted by -
Status: Implemented

Please don't store the passwords (admin/user/...) in clear text (if anybody manages to get into the machine hosting the controller, people will have a leak).

Passwords should be salted and hashed, and the password reset functionality could be done through a script that will simply set a new password in the database.

by Ubiquiti Employee
on ‎03-19-2016 08:37 AM
Status changed to: Implemented
on ‎10-02-2018 07:17 AM

@UBNT-Brandon Radius user passwords are still not salted or hashed. In 2018 this is unacceptable.


Is this known? Are you working on this?