[TYPO3-dev] md5 encryption with kb_md5fepw
Christoph Koehler
christoph.koehler at gmail.com
Sun Mar 5 05:45:40 CET 2006
On Sat, 04 Mar 2006 18:51:38 -0600, Bernhard Kraft <kraftb at kraftb.at>
wrote:
>
> In the database the md5 strings are stored those are required to
> generate the (super)challenged
> hash on the server side. On the client side this value is generated
> using the server supplied
> challenge and the usersupplied password (which is md5'ed first). Then
> the generated response
> get's sent to the server and compared to the there generated value.
So the actual password is just md5'ed, and then when someone logs in it is
combined with the challenge from the server and compared to the md5'ed
password plus challenge from the client?
Am I getting this right?
> greets,
> Bernhard
Thanks!
Christoph
More information about the TYPO3-dev
mailing list