Advisory: STARFACE: Authentication with Password Hash PossibleRedTeam Pentesting discovered that the web interface of STARFACE as wellas its REST API allows authentication using the SHA512 hash of thepassword instead of the cleartext password. While storing passwordhashes instead of cleartext passwords in an application's databasegenerally has become best practice to protect users' passwords in caseof a