CEL 847 – Require old password when changing the password

At the moment users can change there passwords without checking the old one

CEL 814 – Improve Cello User security

At to moment Cello stores the database user in an AppConfig file. This leaves the app open to someone running a HEX editor on Cello.exe pulling out the App_Key then reversing the encryption to figure out the SQL user.

To get round this. We need to tie the Cello users to SQL users and store the password in the SQL user. Then remove the UserName and Password from the AppConfig file.

Cello would then open the Login screen without connecting to the database. And then build the connection string out of the UserName and Password the User enters along with the instance name taken from the AppConfig file.

Note: This will effect the logo on the login screen.

To find out more information or to discuss your requirements with one of our experienced professionals Get In Touch