1. Forums
  3. Archive
  5. Important Content
  7. Community Builder Article Discussions
  9. Security Question

Security Question

14 years 4 weeks ago #127472 by latino
Security Question was created by latino
Hi:

Browsing JED, I found this:

Unless you use SSL, a user logs into Joomla sending his password in plain text across the network. A malicious user could take advantage of this vulnerability and can have access to the back-end.
This plugin is an alternative to SSL. It uses RSA to encrypt passwords or any other data you want in your component.
It is recommended to have the bcmath extension installed, otherwise DES algorithm is used.


extensions.joomla.org/extensions/access-a-security/site-security/11519

I would like to know if this is true or apply for CB 1.2.2. Also, I would like to know if that extension coudl be used with CB 1.2.2 and the new FB and Twitter plugins.

Thanks.

B)

Please Log in to join the conversation.

14 years 4 weeks ago #127623 by krileon
Replied by krileon on topic Re:Security Question

I would like to know if this is true or apply for CB 1.2.2.

Yes this is true the following locations can result in a plaintext password (momentarily until encrypted): after registration, after login, after profile update with new password.

Also, I would like to know if that extension coudl be used with CB 1.2.2 and the new FB and Twitter plugins.

Don't know, sorry. It's worth a shot.

Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

Moderators: beatnantkrileon
  1. Forums
  3. Archive
  5. Important Content
  7. Community Builder Article Discussions
  9. Security Question
Time to create page: 0.210 seconds

Search

Login / Logout

User Menu