Users with plain text passwords
severity-critical
cms-user-plain-text-passwords
Summary
In this age of security breaches, you want to do everything you can to protect your users. While not best practice, many users use the same username and password for multiple sites. So even if your site does not contain sensitive data, your users may still be at risk. They may be using that same username/password on a site that DOES contain sensitive data. Hackers know this and take advantage of this. While we hope your organization never has a data breach, we want to ensure your users are protected.
This check reviews your users to see if any of them are set to use plain text passwords.
Check Logic
Constant Care for Kentico will ensure the Number of users with plain text passwords is no more than 0 (default)
You can manage your settings for this checkup in the Constant Care for Kentico admin settings.
Resolution
If your system does have users that have plain text passwords, you will want to ask them to reset their password (after you have fixed your possible password format issue).
Not sure what to do?
If you are ever unsure about making changes to your site, we encourage you to reach out to your
Kentico Xperience Gold Partner. If you do not have a partner,
then feel free
contact the Constant Care For Kentico team to get connected
with an expert.