[TYPO3-project-4-3] t3sec_saltedpw as sysext?
Michael Stucki
michael at typo3.org
Tue Apr 28 13:17:47 CEST 2009
Hi Masi,
>>> PS: If we can have salted hash, then md5 is obsolete.
>> It can still be provided as an alternative.
>
> Yes, of course, no problem with that. But who would use md5 when he can
> have a salted password (and some way to protect the password
> transmission)? NEWS.txt should encourage to upgrade.
One reason may be that an extension (BE or FE login) uses a hardcoded
login procedure, so it needs to be fixed first.
I think it's not important to provide the alternative, but it also would
not hurt.
- michael
--
Use a newsreader! Check out
http://typo3.org/community/mailing-lists/use-a-news-reader/
More information about the TYPO3-project-4-3
mailing list