[TYPO3-core] Re: Re: RFC#13662: Bug: rsaauth doesn't work with special characters (like ä ü ö § ) in password
Helmut Hummel
helmut at typo3.org
Fri Aug 13 08:53:49 CEST 2010
Hi Steffen,
On 12.08.10 23:40, Steffen Gebert wrote:
>
> Attached is a tiny patch, which adds devlog entries while changing the
> PW and login (only works with the salted MD5 method) and helps you
> debugging this issue.
Logging the md5 of the plaintext password contradicts the sense of
salted password storage, because the password would be stored (somewhere
the log goes into) in a much more insecure way.
Although t3lib_div::devLog() does nothing if no dedicated extension is
installed, I'm not comfortable with logging it by default, if such an
extension is present.
Regards Helmut
More information about the TYPO3-team-core
mailing list