[TYPO3-core] RFC #12430: Install Tool Password gets transmitted plain text
Oliver Hader
oliver at typo3.org
Mon Nov 2 11:58:31 CET 2009
Hi Dmitry,
Dmitry Dulepov schrieb:
> Hi!
>
> Bernhard Kraft wrote:
>> Solution:
>> Perform a challenge/response password authentication like used for the
>> BE-Login form. The current rewritten install-tool login, using a custom
>> session management easily allows to add such a feature.
>
> (Not a criticism or alternative idea, just a thought) It would be cool to use the same way as we do not with login forms: use hooks to select preferable auth way. Thus we could use RSA auth for install tool too.
Exactly. I was just about to write the same. It does not make senese to
reimplement the same features we have for user authentication also for
the install tool (or other parts).
@everybody: However, since this RFC addresses TYPO3 4.4, let's postpone
the work and discussion and contiune when TYPO3 4.3 is released. For the
time being please let's concentrate on fixing the bugs in 4.3 - thanks!
olly
--
Oliver Hader
TYPO3 Release Manager 4.3
More information about the TYPO3-team-core
mailing list