Description
Teacher account credentials are stored in localStorage without any hashing or encryption. This allows passwords to be viewed directly through browser developer tools.
Steps to Reproduce
- Register or log in as a teacher.
- Open browser developer tools.
- Navigate to localStorage.
- Inspect stored teacher data.
Expected Behavior
Passwords should be hashed before storage and should never be stored in plain text.
Actual Behavior
Passwords are stored in plain text and can be read directly.
Environment
- Browser: Chrome 125
- OS: Windows 11
- Node.js version: 20.x
Affected Page / Component
Additional Context
This is a security concern and exposes user credentials to anyone with access to the browser storage.
Hey @rishima17 I would like to work on this issue under SSOC-2026..
Description
Teacher account credentials are stored in localStorage without any hashing or encryption. This allows passwords to be viewed directly through browser developer tools.
Steps to Reproduce
Expected Behavior
Passwords should be hashed before storage and should never be stored in plain text.
Actual Behavior
Passwords are stored in plain text and can be read directly.
Environment
Affected Page / Component
Additional Context
This is a security concern and exposes user credentials to anyone with access to the browser storage.
Hey @rishima17 I would like to work on this issue under SSOC-2026..