[TYPO3-core] RFC #14307: fe_user passwords are visible in the info popup window in the backend

[Lars Houmark]

Hi Felix,

Felix Oertel wrote:
> Yah, and what if the password is 7 digits and your method generates 7
> digits by random? this would help the same ;)

The point is, the evil person would know he cannot trust the length, so 
it is worthless (if he reloads once he will notice the change of 
length). Doing a random number gives away ZERO information, and in and 
in regards to security that is the like the optimal solution.

-- 
Lars Houmark