In the edit page, you're showing `v_secret = str_repeat('*', strlen($v_secret));, which reveals the length of the secret. You might want to just str_repeat('*', 8); or something.
`v_secret = str_repeat('*', strlen($v_secret));
str_repeat('*', 8);
Sure, but if someone has read access to that edit page, they're already an admin and could change the secret.
That being said, it's a simple change.
@tflink changed the status to Fixed
Fixed
Login to comment on this ticket.