When used e.g. with revisioning module(on "publish this" link), this module saves a new password which is the SHA1 of the already saved hash in the database.

In order to prevent that behavior we can check it and do not allow saving the current hash as clear password. the other possibility(a user who wants to actually use that value seems improbable).

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

marvil07’s picture

Assigned: marvil07 » Unassigned
Status: Active » Needs review
FileSize
1.1 KB

Here a proposed patch.

Grimreaper’s picture

Status: Needs review » Closed (outdated)

Hello,

Thanks for the patch but I close this issue because Drupal 6 is no more supported. https://www.drupal.org/drupal-6-eol

If this issue is present in Drupal 7, feel free to re-open it.