[Commotion-admin] [luci-commotion] admin password is limited to 126 characters (#411)
Dan Staples
notifications at github.com
Wed Oct 1 10:59:35 EDT 2014
Thanks for the additional info, @elationfoundation. To answer the questions:
1. The password is not truncated in the input field. You can put a password in there as long as you want.
2. The password is not rejected by the javascript before submission.
3. No error is returned by the back-end for overly long passwords.
Basically, you can input a password as long as you want, the LuCI page accepts the submission, and no errors are ever given, giving the user reason to think everything went fine. Yet the actual password stored by the system has been truncated silently.
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/luci-commotion/issues/411#issuecomment-57477360
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20141001/620e0769/attachment-0001.html>
More information about the Commotion-admin
mailing list