Bug #23385
closed
password reset not working with saltedpasswords
Added by Björn Pedersen over 14 years ago.
Updated almost 11 years ago.
Description
after resetting a password with saltedpasswords active, a login is not possible anymore.
(issue imported from #M15470)
May be related to #15572.
(just added this here, since Björn mentioned this in the other ticket)
- Status changed from New to Needs Feedback
- Target version deleted (
0)
- TYPO3 Version set to 4.5
Unable to reproduce for BE login in 4.5 and 4.6.
Is this a FE or a BE issue? Please some more informations on how to reproduce :)
More info:
This affects the FE, and there the password-rest as provided by the felogin sysext.
I tried to trace it a bit further:
What seems to happen is, that the password gets set to the salted and hashed value,
and not to the password entered.
So in the db we end up with: salted(hashed(salted(hasehd(password))).
I am able to reproduce this issue in FE when using saltedpasswords AND rsaauth with FE loginSecurityLevel equal to 'rsa', but not with loginSecurityLevel = 'normal'.
Maybe you used an own template for the login form and removed the onsubmit attribute. Then rsa auth can't encrypt/decrypt the passwords anymore and login isn't possible.
- Status changed from Needs Feedback to Closed
- Is Regression set to No
No feedback within the last 90 days => closing this ticket.
If you think that this is the wrong decision or experience this issue again, then please write to the mailing list typo3.teams.bugs with issue number and an explanation or open a new ticket and add a relation to this ticket number.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by 
Updated by