[TYPO3-dev] MD5 for FE-User password?
Malte Jansen
mail at maltejansen.de
Wed Nov 7 11:36:49 CET 2007
Steffen Kamper schrieb:
> "Peter Russ" <peter.russ at 4many.net> schrieb im Newsbeitrag
> news:mailman.1.1194430176.22305.typo3-dev at lists.netfielders.de...
>> --- Original Nachricht ---
>> Absender: Ingo Renner
>> Datum: 07.11.2007 08:57:
>>> Steffen Kamper wrote:
>>>
>>>> yes, and i think this one could be a sysext.
>>> no, this should be integrated, not a extension.
>> MD5 is not required for all sites.
>> Additionally "Send forgot password" would fail.
>> So I would appreciate a solution where the admin could decide, i.e.
>> leave the status as it is.
>>
>> Regs. Peter.
>>
> Hi Peter,
>
> there could be a general flag in installtool for usage of md5 or not.
Should not be done, because if you only have "guest account", you do not
know it how the password is saved. Than T3 would be like a
"password-spykit", which it is now...
For all new version it should be forced, although the login-extensions
must be change.
> Forget Password function can ask this flag and in case of md5 generate a new
> one.
Correct
More information about the TYPO3-dev
mailing list