Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 31 October 2024, 07:29:05 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14248 Posts in 4376 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Proxy password issue / bug ?
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Proxy password issue / bug ?  (Read 8108 times)
sjarman
Jr. Member
*
Offline Offline

Posts: 2


« on: Saturday 15 November 2008, 01:20:31 am »

Hi, new user here.  Great package.

Issue as follows :

Am using community edition, local http proxy authentication, to police web access.  Works great thanks Smiley

However, I observe that some passwords are checked in a weak fashion.

We have min pwd length 6.

The example where this was spotted first is as follows :

Username :-         User13

Password :-          unlucky-digit


This user reported that using the password unlucky-number also granted access through the proxy.

versions involved - this was identified on 2.2rc2, I have since done a backup and restored on to 2.2rc3 and the issue persists.


My investigation has found that anything beyond the dash (-) is ignored, e.g the above user can get on with "unlucky-fruitcake" or even just plain "unlucky-"


I'm not sure if this is a but or just a documentation issue, but I could not find it anywhere in the help or on here.

Any thoughts ?


Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com