Security issues with the password at login
‹‹
Back to Bugs
Posts: 5
Visited by: 34 users
| kuvaton Posts: 15  |
Hi guys! I've encountered the problem, that if you log in with your account, only the first eight caharcters of the password are checked. This means, if a person chooses a password longer than eight characters, the login ignores ebverything what is typed in beyond that. so you can choose a password like 12345678xaxa. With or without the xaxa you can log in successfully. Maybe this a little securityissue, cause if a person chooses a strong password, someone with bruteforce only has to use the first eight characters. Please test this issue. Don't know if I am the only one who can recreate that problem. Greetings!
Loading...
|
| Paz Elite Posts: 3911  |
Same here  I have a 9-character password, and the last 2 digits are the same number.
Loading...
|
| Karlabos Meat and Potatos Posts: 5658  |
I tested and it happens with me as well. My original password has exactly 8 characters, say 'password'. (for instance) I tried loging in with 'password45' and the login was sucessful =)
---- "Aah! The cat turned into a cat!" - Reimu Hakurei
Loading...
|
| Bad English Tage Westerlund Posts: 61012  |
I never changed password and its uncaps, no digits
---- I stand whit Ukraine and Israel. They have right to defend own citizens. Stormtroopers of Death - ''Speak English or Die''  apos;'[image] I better die, because I never will learn speek english, so I choose dieing
Loading...
|
| psykometal A staff guy... Elite Posts: 6101  |
I will bring this up with our tech department. Thanks for info.
---- ~Zep, Database and Forum Moderation~ 
Loading...
|