[TYPO3-project-4-3] t3sec_saltedpw as sysext?
Xavier Perseguers
typo3 at perseguers.ch
Tue Apr 28 10:36:07 CEST 2009
Hi Masi,
Martin Kutschker wrote:
> Michael Stucki schrieb:
>> So what should be the default storage?
>> a) Plaintext (like now)
>> b) MD5
>> c) Salted Hash
>>
>> 1) for FE
>
> Do we need JS for a) and b)? Or can I use SSL with a plain text password
> transmission? Anyway, if I had to choose between b) and c) I'd choose c).
Small question: (I did not read code from t3sec_saltedpw) is the salted
password compatible with the pending change of "forgot password" of
feuser? I mean is this still possible to use the hook?
Would t3sec_saltedpw use the hook itself? If so, I guess the hook should
be slightly changed to allow multiple extensions to hook into the
password change and still have a way to get the
unencrypted/unsalted/unhahsed password.
--
Xavier Perseguers
http://xavier.perseguers.ch/en/tutorials/typo3.html
More information about the TYPO3-project-4-3
mailing list