[TYPO3-project-4-3] t3sec_saltedpw as sysext?
Xavier Perseguers
typo3 at perseguers.ch
Fri Apr 24 17:04:23 CEST 2009
Hi Michael,
>> what do you think about making t3sec_saltedpw [1] a sysext enabled by
>> default in 4.3 and have it enabled for both FE and BE users by default
>> as well?
>>
>> I think it would be a good thing to ship with this by default.
>
> Unless we want to keep plaintext authentication as default, I'm for
> adding this functionality into the main core rather that having to
> install an extension for this.
>
> What do you think?
I'm for integrating good extensions that allow
encrypting/hasing/salting/... the passwords. They do not need to be
readable.
However, there's a problem with retrieving a lost password, especially
for FE users. Please see my post on dev list ("feuser, forgot password
and kb_md5fepw").
Regards
--
Xavier Perseguers
http://xavier.perseguers.ch/en
One contribution a day keeps the fork away
More information about the TYPO3-project-4-3
mailing list