[BUGFIX] Exclude empty passwords from password hashing check 21/23421/4
authorNicole Cordes <typo3@cordes.co>
Wed, 28 Aug 2013 14:02:36 +0000 (16:02 +0200)
committerWouter Wolters <typo3@wouterwolters.nl>
Wed, 28 Aug 2013 17:39:57 +0000 (19:39 +0200)
commitef0e02a62079997b8690d5aad5c04a477aab5e58
tree7e7d76b3f74aa15e9bf3889a306d9f499e9fdfe8
parent292337910f78e14e540575e74c5427177e1a94b6
[BUGFIX] Exclude empty passwords from password hashing check

The test for insecure passwords handles empty passwords as insecure and
recommends to use the saltedpasswords scheduler task to convert all
insecure passwords. But the scheduler task doesn't convert empty
passwords, so a never ending story exists. Therefore this patch exludes
empty passwords being handled as insecure.

Resolves: #36244
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Change-Id: I6bdd5c8807a07841850c1e4c22afe57eec28b335
Reviewed-on: https://review.typo3.org/23421
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
typo3/sysext/saltedpasswords/Classes/Utility/SaltedPasswordsUtility.php