[TYPO3-dev] Password expiry and blacklists
Georg Ringer
typo3 at ringerge.org
Wed Feb 15 08:02:27 CET 2012
Hi Christian,
first of all thanks for your input!
Am 15.02.2012 03:01, schrieb Christian Lerrahn (Cerebrum):
> As TYPO3 is referred to as an Enterprise CMS, I really think it should
> have a password expiry (particularly for the backend) and password
> blacklists. This is a very common feature in corporate environments but
> completely absent in TYPO3.
certainly true.
> I've written an extension before for a client and hacked the core for
> that but it was all very messy so I decided against publishing it.
maybe you wanna still share it and post the diffs somewhere?
> Here is what I believe is necessary around password expiry and
> blacklisting.
sounds all interesting and plausible.
> But, to come to my real point, I'm happy to implement all that.
great!
> The
> question I want to ask here is how to approach the problem. As I'm not
> familiar with core development in general, I am worried that I might
> approach this in a way as to never get my patches approved.
IMO this should be started as an extension as it makes it far easier to
test things, react better on bugs/features and at the end it can be
still talked about having it as sysextension shipped with the core.
As a member of the security team I would like to have all those features
and would be happy to help you developing the extension!
Feel free to contact me in private
Georg
More information about the TYPO3-dev
mailing list