plugin:securelogin
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
plugin:securelogin [2018-02-17 11:28] – mattfiddles | plugin:securelogin [2018-02-17 11:37] – how it works mattfiddles | ||
---|---|---|---|
Line 61: | Line 61: | ||
</ | </ | ||
- | The javascript on the page takes the form's password variable `p=MySecretPa$$word` | + | The javascript on the page takes the form's password variable `p=MySecretPa$$word`, encrypts |
When the server receives the data, it sees that `use_securelogin` is set to `1` (true), so it knows the password was encrypted. It will decrypt the `securelogin` variable and separate it from the salt value. From this it gets the `p=MySecretPa$$word` value, which it sets so the Dokuwiki authentication routines have it. Dokuwiki can then compare the passwords like it normally does. | When the server receives the data, it sees that `use_securelogin` is set to `1` (true), so it knows the password was encrypted. It will decrypt the `securelogin` variable and separate it from the salt value. From this it gets the `p=MySecretPa$$word` value, which it sets so the Dokuwiki authentication routines have it. Dokuwiki can then compare the passwords like it normally does. | ||
- | This same process happens during the add user, modify user, and edit profile options. This is what will be seen if someone views a user changing their password: | + | This same process happens during the add user, modify user, and edit profile options. This is what will be seen if someone views a user changing their password |
< | < |
plugin/securelogin.txt · Last modified: 2023-10-30 23:29 by Klap-in