Unless you use SSL, a user logs into Joomla sending his password in plain text across the network. A malicious user could take advantage of this vulnerability and can have access to the back-end.
This plugin is an alternative to SSL. It uses RSA to encrypt passwords or any other data you want in your component.
It is recommended to have the bcmath extension installed, otherwise DES algorithm is used.
Please Log in to join the conversation.
Yes this is true the following locations can result in a plaintext password (momentarily until encrypted): after registration, after login, after profile update with new password.I would like to know if this is true or apply for CB 1.2.2.
Don't know, sorry. It's worth a shot.Also, I would like to know if that extension coudl be used with CB 1.2.2 and the new FB and Twitter plugins.
Please Log in to join the conversation.