[Typo3] Backslashes, single and double quotes in passwords

Michael Stucki michael at typo3.org
Fri May 6 00:23:16 CEST 2005


Hi Martin,

(fullquote because the mail is old)

I see the problem you are encountering. Quick fix is to not use special
characters in the password or to change the FE user passwords to MD5sum
(there should be extensions for doing that).

I agree we could also forbid those characters and have a warning pop up
whenever one tries to enter it, but I think it's not important because you
seem to be the first one who uses such a password :-)

If you think it should be solved, make sure it gets reported to our
bugtracker: http://bugs.typo3.org/

Regards, michael

> To start with, I'm using Typo3 3.5.0, feuser_admin 1.0.2 and newloginbox
> 1.1.0 on a Debian Linux system. Right now, I have no plans on migrating to
> a later version of Typo3 as the old one is working more or less flawlessly
> and is highly customized using TypoScript.
> 
> Now for the real issue of my posting: I'm experiencing some trouble with
> FE users using backslashes (\), single quotes (') or double quotes (") in
> their passwords: The password is set correctly in the backend view (in my
> "Users" folder), but the users are not able to login. If I backslash each
> occurrence of these characters in the password, like this: \ -> \\, ' ->
> \', " -> \", the users are able to login with their correct password. Is
> this a known problem? Has anybody had this problem before (I couldn't find
> anything in the archives)?
> 
> What can I do about it? I see two possibilities: Forbid usage of these
> chars in passwords (how can I accomplish this?) or enter the password with
> backslashes into the feuser database (preferred). Any ideas?
> 
> Best regards,
> Martin

-- 
Use a newsreader! Check out
http://typo3.org/community/mailing-lists/use-a-news-reader/



More information about the TYPO3-english mailing list