News
Extension t3sec_saltedpw now stable
With extension version 0.2.11 an annoying bug (#4456) has been fixed. The extension now allows to overwrite locallang translations via TS.
As this was the last and only bug I'm currently aware of and in the meantime the extension is thoroughly tested and successfully deployed on production sites, the extension can be considered to be stable.
That's why this extension has now the "stable flag" starting from version 0.2.11.
Ongoing progress
Thanks for all of your past and future efforts to enhance security for TYPO3.
Working version online
We finished our first version of "saltedpasswords", the integration of t3sec_saltedpw for version 4.3
We would like to test it and report all bugs you may encounter...
For those who do not like SVN, a t3x file is attached at the wiki.
There are currently some restrictions:- install tool is not yet adapted
the install tool always will create md5 passwords using the function "create admin user" - felogin "send password" does not take care about new password format, patch in core list is pending, which introduces an hook which will fix this
- UserSetup module has hardcoded md5 evaluation, we do have a patch, which allows to register own eval functions, which hopefully might be committed in the next days (thx to Steffen Kamper for providing it)
regards
Steffen
Salted passwords for TYPO3 4.3 (1 comment)
I'm happy to welcome Steffen Ritter as new member of ext:t3sec_saltedpw project.
He's going to work on a sysext for TYPO3 version 4.3 that implements salted passwords - a missing part after the successful implementation of rsaauth.
Stay tuned; 4.3 is gonna be awesome and secure.
Also available in: Atom