[TYPO3-core] RFC #12430: Install Tool Password gets transmitted plain text
Bernhard Kraft
kraftb at kraftb.at
Mon Nov 2 10:23:44 CET 2009
Ernesto Baschny [cron IT] schrieb:
> Using the encryptionKey is not really possible for the session storage,
> as there is not encryptionKey set once the 1-2-3 installer runs, so that
> the session directory will change as soon as the encryptionKey changes
> (thus logging the user "off").
To keep it short:
If you use the install-tool login form to calculate the md5 value of your
wanted password, you have to reload the login form after changing the
installToolPassword variable in localconf.php.
This is something which is complicated to communicate to a User of the
Install tool, or at least a source of problems and questions.
greets,
Bernhard
More information about the TYPO3-team-core
mailing list