hello one and all, what about this for https://groups.google.com/forum/#!topic/web2py/4eWj_BlGWjc and I started this new thread because I think it is different subject then the latter link.
what if I sent the password as straight text in the form? meaning it is decoded from the database, sent to and from as straight text, displayed as straight text, and then encoded before it is stored back in the database. see I am setting up managers for each firm in my model. and a manager works at the firm and can insert and update new logins/users for only their own firm. so I don't believe it is necessary for the managers to see the **** for the password. the managers are allowed to change the passwords of the other users. if you think is really a terrible idea for security reasons, please let me know and why. if you think it is fine to setup managers with this level of control, then please tell me how to decode and encode the passwords under web2py. thank you and sincerely, Lucas -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
