[TYPO3] Encryption under TYPO3

Bernhard Kraft kraftb at kraftb.at
Wed Aug 2 07:57:06 CEST 2006


Sébastien Ioannitis-McColl wrote:

> I would like to know if there is any way to encrypt FE and BE passwords stored by TYPO3 in MySQL.

* BE password are md5 encrypted
* FE password can get md5 encrypted using various extensions (kb_md5fepw)

In both cases when md5 passwords are stored in the database a challenge response exchange is performed
to log in into the Website or Backend.


> If so, does TYPO3 support encryption of the full database?

No. not currently. But I guess you would rather do this on a lower level - meaning let mysql encrypt the
database and output it decoded to a mysql connection when a proper user connects (if this is possible)

I do not think such a thing should get performed in the CMS.

I guess the reason you are wanting encrpytion is to make the server safe against thievere when sensible
data is stored on it - as you can also upload files using TYPO3 and the database itself is also stored
on the file-system I would suggest you use some crypto-fs of which quite some are around i.e. cryptofs:

http://reboot.animeirc.de/cryptofs/


greets,
Bernhard
-- 
----------------------------------------------------------------------
"Freiheit ist immer auch die Freiheit des Andersdenkenden"
Rosa Luxemburg, 1871 - 1919
----------------------------------------------------------------------
[[ http://think-open.at | Open source company ]]



More information about the TYPO3-english mailing list