CoreCommunity ExtensionsIncubatorDistributionsTYPO3 4.5 ProjectsTYPO3 4.6 ProjectsTYPO3 4.7 ProjectsTYPO3 6.0 ProjectsTYPO3 6.1 ProjectsTYPO3 6.2 Projects (+)

test without salltedpasswords

You can test the development version for the next sr_feuser_register 3.0.2. It will not force you to install the extensions saltedpasswords and rsaauth.
Added by Franz Holzinger 8 months ago

A new enhanced version of sr_feuser_register
3.0.1 is available under
http://www.jambage.com/typo3-cms/shop.html .
This will not force you to install saltedpasswords and rsaauth. However for security reasons you should install them.
A clear text password is not secure and can be avoided. But on some sites it is easier to send the clear passwords in emails
to the customers. It is the customer's task to change his passwords on a regular base.
And if you only use sr_email_subscribe then
it makes sense to use no saltedpasswords, because it works without any password.

You shall report any bugs on the bugtracker.


Comments

Added by Steffen Gebert 8 months ago

A step into the exact wrong direction. Storing passwords as unsalted MD5 or even as clear-text is wrong. Don't enable people to do that.

Steffen

Added by Stanislas Rolland 8 months ago

These changes cannot be regarded as enhancements. They will not be published on TER.