[TYPO3-dev] MD5 for FE-User password?
Malte Jansen
mail at maltejansen.de
Wed Nov 7 11:51:11 CET 2007
Correct the user is very cushy.
sometimes i have to go into the webuser-sysfolder. I do not want to see
the passwords. But sometimes there is no way around.
I think the passwords are also belonging the secrecy of the post, which
belongs to the German laws, which are concerning the internet (TDM,MDST
? I'm not sure where it was, but somewhere it was).
There are some reasons, why the BE-users have MD5-passwords. The same
reasons belong to the FE-users.
Perhaps there should also be a option for a better password. Something
like password must contain at least a special character, a numeric
character, uppercase letter and least a lower case character... So the
User cannot use his birthdate etc.
Malte
Georg Ringer schrieb:
> Malte Jansen schrieb:
>> If you do not know, how T3 works you do not that your password is
>> visible to the admins.
>
> this is correct but I also don't like that an admin can read the
> passwords of others if not necessary. There are too many users who take
> the same pw for many websites and so if you are admin, you can just try
> the user/pwd-combination @ gmx, hotmail, msn, ...
>
> georg
More information about the TYPO3-dev
mailing list