[Typo3] FE user password stored in cleartext ?

Michael Stucki michael at typo3.org
Thu Jul 14 10:50:35 CEST 2005

Mathias Schreiber [wmdb>] wrote:

> Mario Matzulla wrote:
>> I would prefer if the choise, how fe-user passwords are stored, would be
>> integrated into the typo3-core.
> You mean "switchable"?
> Might be an option.
> Let me see what we would need to change (additions welcome):
> - TCA password fields would have to react on a value in TYPO3_CONF_VARS
> (or page TSConfig, if you want to have it switchable by trees, not
> installs).
> - FE_USERAUTH would have to react on value (as above)
> - feadminLib would have to react on values

I agree the fe_user password should not be clear-text, regardless of how
much work this means.

However this will break existing sites so we have to clearly think about a
proper solution.

> Any place I forgot?

Is this submitted to the bugtracker already?

- michael
Use a newsreader! Check out

More information about the TYPO3-english mailing list