Hi! What is the exact message shown by the report?
Kind regards Markus > -----Original Message----- > From: typo3-english-boun...@lists.typo3.org > [mailto:typo3-english-boun...@lists.typo3.org] On Behalf Of Victor Livakovsky > Sent: Thursday, December 15, 2011 6:04 PM > To: typo3-english@lists.typo3.org > Subject: [TYPO3-english] Salted hashes and security > > Hi, List. > > I just started using TYPO3 4.6, where 'rsaauth' and 'saltedpasswords' > extensions are installed from very beginning. That's nice and good for > security. But I can't understand, why system report claims, that > website is insecure, when I set "BE.forceSalted" and unset "BE.updatePasswd"? > Yes, I know, that user, created by Install Tool will no > longer be able to log in with this configuration - but this only increases > security, since, even if someone gets access to Install Tool, he > still will not be able to get to BE. > Or I don't understand something? > > _______________________________________________ > TYPO3-english mailing list > TYPO3-english@lists.typo3.org > http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-english _______________________________________________ TYPO3-english mailing list TYPO3-english@lists.typo3.org http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-english
