[TYPO3-core] Re: Re: RFC#13662: Bug: rsaauth doesn't work with special characters (like ä ü ö § ) in password
Steffen Ritter
info at rs-websystems.de
Fri Aug 13 07:40:06 CEST 2010
Am 12.08.2010 22:18, schrieb Marcus Krause:
> Could you please think about and publish a statement if replacing the JS
> libs for rsaauth has any effect on existing passwords (w/ or w/o
> saltedpasswords).
Hi Marcus,
for sure I can: The only thing where the JS lib is active is in encoding
the form send to authenticate.
If you have an password with an special char in the old lib they simply
got stripped out. With the new lib they are transmitted, too.
As Christian told "passwords magically" work. Since while setting a new
Password no RSA is in place (neither in be nor in fe) no wrong password
went into database. Therefore all shoudl work fine.
There might be an impact on frontendusers who created user with an
extension supporting rsa, because then the "stripped" password went into db.
More information about the TYPO3-team-core
mailing list