Bug #18176
closed
bad login isn't logged, if password field is empty
Added by Michael Raberger about 16 years ago.
Updated over 5 years ago.
Description
nothing is written into the sys_log, if someone tries to login without a password - don't care if the user exists or not...
(issue imported from #M7465)
After thinking about that I am of the opinion that this information is not completely useless as it might point to an abuse attempt. => Should be logged.
- Category set to Backend API
- Status changed from New to Accepted
- Target version deleted (
0)
- Complexity set to easy
- Status changed from Accepted to Under Review
Patch set 1 of change I8733f388d3d919a7e7ff67fecd5704db20e78fe6 has been pushed to the review server.
It is available at http://review.typo3.org/6904
Patch set 2 of change I8733f388d3d919a7e7ff67fecd5704db20e78fe6 has been pushed to the review server.
It is available at http://review.typo3.org/6904
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
- Status changed from Resolved to Under Review
- Status changed from Under Review to Resolved
- Status changed from Resolved to Closed
Also available in: Atom
PDF