[TYPO3-project-4-3] saltedpasswords for v4.3
Steffen Ritter
info at rs-websystems.de
Tue Jul 21 10:43:34 CEST 2009
Steffen Kamper schrieb:
> this means extension doesn't auth, and of coarse doesn't update
> password. I didn't encountered why.
In a discussion with Steffen via Skype we turned out that
saltedpasswords was not activated for be, since he does not use rsaauth.
Marcus Krause and me once decided not to allow plain transmit of
BE-Passwords, which would be needed for saltedpasswords without RSA.
This is why saltedpasswords is not activated for backend purposes when
loginlevel is superchallenged (won't work anyways) or normal (because of
security reasons).
Steffen and me (it's like Steffen²) came over to use a userfunc in
ExtMgm checking this, and make the user really clear by a message if
saltedpasswords is activated in be or why not exlpaining the reasons to
users who are not into the topic. So that they know what to do do let it
work.
regards
Steffen
More information about the TYPO3-project-4-3
mailing list