Story #43: Cleartext Password Submission Prevention - Tingg - Redmine

Actions

Copy link

Story #43

open

Epic #51: Security Points Checking

Cleartext Password Submission Prevention

Added by rashmita rout about 2 months ago. Updated about 1 month ago.

Status:

New

Priority:

Medium

Assignee:

Target version:

Start date:

01/05/2026

Due date:

% Done:

Estimated time:

Acceptance Criteria:

1. Secure password hashing
2. Elimination of cleartext password storage
3. Encrypted transport using TLS
4. Protection against MITM and downgrade attacks
5. Secure session cookie transmission

DOR:

Story Points:

Work Type:

Feature

User Impact:

Technical Area:

Release Narrative:

Planned Sprint:

Completed In Sprint:

Spillover Reason:

Deployment Reference URL:

Description

Objective:

Ensure that user passwords are never transmitted, processed, or stored in cleartext by enforcing strong cryptographic hashing, encrypted transport, and secure cookie handling

Covers:

Secure password hashing

Elimination of cleartext password storage

Encrypted transport using TLS

Protection against MITM and downgrade attacks

Secure session cookie transmission

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Tingg

Custom queries

Story #43

Cleartext Password Submission Prevention

Updated by rashmita rout about 1 month ago