[TYPO3-english] Salted hashes and security
Victor Livakovsky
v-tyok at mail.ru
Fri Dec 16 12:19:56 CET 2011
Hi, Markus.
> What is the exact message shown by the report?
The message is shown in "Security" section:
"Backend user password hashes" - "Insecure"
During the configuration check of saltedpasswords the following issues have
been found:
Warnings about your configuration
SaltedPasswords might behave different than expected:
The backend is configured to use SaltedPasswords with RSA
authentication.
SaltedPasswords has been configured to enforce salted passwords
(forceSalted).
This means that only passwords in the format of this extension will
succeed for login.
IMPORTANT: This has the effect that passwords that are set from the
Install Tool will not work!
Note, that a wrong configuration might have impact on the security of your
TYPO3 installation and the usability of the backend.
More information about the TYPO3-english
mailing list