1. Summary
  2. Files
  3. Support
  4. Report Spam
  5. Create account
  6. Log in

Ticket #24232 (assigned)

Opened 2 years ago

Last modified 2 years ago

The set of passwords, which are can be successfully set, are bigger than the set of passwords, which can be used for a sucessful login.

Reported by: pardusonca Owned by: ctsai
Keywords: PEND Cc:
Private: no

Description

Means: You can set a password at account registry and password reset with special characters, but cannot login with the same password at https://sourceforge.net/account/login.php. Please allow the same set of characters in both interfaces.

Change History

Changed 2 years ago by ctsai

  • keywords PEND added; password removed
  • owner set to ctsai
  • status changed from new to assigned

Hello,

So we can track down this issue easier, can you give some examples of characters that don't work?

Thanks,
Chris Tsai, SourceForge.net Support

Changed 2 years ago by pardusonca

Hello,

i have thrown these passwords away and they never will come back, but a typical 64 char long example is "do DuM;ZL&JxK=2.d*95-8#a(8F v-s]YcGS Nm3ydej2nA397=;K_M@>\uW/Q@". Although this password works. I can set it in the password interface, i can set it in the normal password set interface and i can logging in with it.

Even this 1024 char long worked in the webinterface and the login:
"WEZWKwUk@f*)#rK[hgh$op(kh2<),@W)9]+W*$-Jfn6.@9Zc3Rmkfpp-A,mzEZw>LPe!gh]u^ #:n5?!zhw%oAV-@G-25P%$c,3SW;5KHTJ2FQ*Bxtt{'E8='Q{Mjb>)BTvGrJ;uZG=6Zy]Jy%KGZk?7yZgM?mWnpzB/zUpd^&w>#q[{AEHVn+yL:V=F@6Zn$@aQY%Dd'wPvaEDVBJ4#u{_\e}W96i-{#AA{>R4@3zx[.Bn33mPt?4*~fpZtYxx5d_-ib%X%y8Uy?&V][X^.r25/ >/TZyBqfkAKat_L[4*Z<5%rPj'>;T@+pkiT$i-R{+vn_@hD^)J9]DME@B:j+He\E>Z*7UG <}uDC:.idcsw+cZSDMF.B<5\)ZKa#D._q<}wJ9z"%c*%[p735&ted8G\Zsv} PQmgy@hv7 X*u'_N;TDQe@])D..N4K'.!<4dn:}nB")3,f.-YDY!y{"#2eN"+z*E#,yX(Y6~BZFEh]ACG.(rha%[B@kr}yN=P@N:v=:KN]x{a>h3Jy%?ghqwKSP}"w4 o(,zk"8v.{JB/mD)\i2REm4zm-V"tnb*+D(9/-zx2=M.m"*(TL:Wf@EL'4QgS[,HMQE% s9MnC.RRRtJ2V#~"w<pT 4DX^!cNRe[\U;&^Y%+D7si/3MG$yo>eR2H[su"&j3zS*DCpKF4e=uX^f%V.b;+9GX.!@\(;S(ZC*Rs\e5'}@]A[mGZ4o>qWK.eoKR[-mQ>=p>m3H4r+r(D+a98huC3,EYAdKK#ar:k.T2V3X V;N36uuL@'uBD!wkXqe8D"s)YH )A3^bAj#eoA["r)=Y(_ .44#-">]K74G]%n>gXQ<A6c]JmKh[q>e5/S[u8RdN+#r=?;HY5q6j5?c8#thbzuUm_WCM!iwx@z@SsTg+;G<g~qA9x3V]z}c!r&Y)6NSYW?Di]+!@r\5[2$$ek%2w#`N/Lu(4kns%"h?T@H@bsSwg6=Nr-Pb8JH/JJWhx>]sJ}gg"KS=Shkf(n/tb["

Sometimes i get a hint, that no more than 32 char long passwords are allowed and sometimes very long passwords getting accepted (probably silently shorten).

Note: See TracTickets for help on using tickets.