[TYPO3-dev] User setup module, hide "New password" field
Simon Harhues
Simon.Harhues at muenster.de
Mon Apr 27 15:29:14 CEST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Steffen Kamper schrieb:
> Patrick Gaumond schri
>> Do anyone know why the password is fill with bullets? Lots of editors
>> are puzzled when changing fields and seeing "addition" to their password.
>>
>> TYPO3 is the only web app I know doing this and it just scares editors.
>
> this is not set explicit. AFAIK using asteriks or bullets is done by the
> browser and/or OS
I think Patrick asked why there are more asteriks/bullets added, when
you leave the field.
This happens because the typed in password is hashed via MD5 when you
leave the input field, so that it isn't transfered as plain text.
But I agree, that this behaviour is confusing for editors. My suggestion
would be, if possible, to hash the submit value, but not the input value
(maybe using another hidden input for the "real" hashed password and
filling the visible input with some rubbish string that has the same
length as the typed in password)
Simon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkn1syoACgkQzqmr83R5SCxUPgCfcfX6oLdHtfCYbh9leUIP3aEY
pHQAnRWQ4thQRwTcSBegxAuTbV1R7UtZ
=PEg7
-----END PGP SIGNATURE-----
More information about the TYPO3-dev
mailing list