Friday, August 3, 2012

Module - Safer Login

This module encrypts the user's password when they type it in during login, so a 3rd party up to no good can't see the user's plain text password (as is currently the case with Drupal logins).
Encryption is accomplished by replacing what the user enters for their password with a uniquely-salted MD5 hash of the MD5 hash of what they typed (so it is 2-layers deep). If the user does not have JavaScript enabled, then the default Drupal behavior (no hashing) still works.
Of course, this is no substitute for an SSL certificate on your server, as that would protect all form submissions, as well as prevent other types of attacks. This module is intended for those who desire password security, but either cannot afford a certificate, or only need basic protection from hackers during login.


No comments:

Post a Comment

only show translated menu items into current language (Drupal 8)

function MY_THEME_preprocess_menu(&$variables) {   if ($variables['menu_name'] == 'brancott-header-menu') {    $langu...