* Home Help Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
Tuesday 30 April 2024, 03:54:35 pm

Login with username, password and session length

Get the new Updates directly from Endian  HERE
14247 Posts in 4376 Topics by 6493 Members
Latest Member: thiagodod
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Proxy password issue / bug ?		 0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Proxy password issue / bug ?  (Read 5595 times)
sjarman
Jr. Member
*
Offline Offline

Posts: 2
« on: Saturday 15 November 2008, 01:20:31 am »
Hi, new user here.  Great package.

Issue as follows :

Am using community edition, local http proxy authentication, to police web access.  Works great thanks Smiley

However, I observe that some passwords are checked in a weak fashion.

We have min pwd length 6.

The example where this was spotted first is as follows :

Username :-         User13

Password :-          unlucky-digit


This user reported that using the password unlucky-number also granted access through the proxy.

versions involved - this was identified on 2.2rc2, I have since done a backup and restored on to 2.2rc3 and the issue persists.


My investigation has found that anything beyond the dash (-) is ignored, e.g the above user can get on with "unlucky-fruitcake" or even just plain "unlucky-"


I'm not sure if this is a but or just a documentation issue, but I could not find it anywhere in the help or on here.

Any thoughts ?
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.031 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com