[TYPO3-project-4-3] t3sec_saltedpw as sysext?
Martin Kutschker
masi-no at spam-typo3.org
Tue Apr 28 13:50:06 CEST 2009
Michael Stucki schrieb:
> Hi Masi,
>
>>>> PS: If we can have salted hash, then md5 is obsolete.
>>> It can still be provided as an alternative.
>>
>> Yes, of course, no problem with that. But who would use md5 when he can
>> have a salted password (and some way to protect the password
>> transmission)? NEWS.txt should encourage to upgrade.
>
> One reason may be that an extension (BE or FE login) uses a hardcoded
> login procedure, so it needs to be fixed first.
>
> I think it's not important to provide the alternative, but it also would
> not hurt.
I never said that I want to drop support for md5 passwords.
Masi
More information about the TYPO3-project-4-3
mailing list