Complex passwords seem to be broken... - Page 1

Site Notices

TNVC Partners With Envision Technology - MARS Rangefinder Family, MARS-Lc!

[ARCHIVED THREAD] - Complex passwords seem to be broken...

Posted: 9/26/2018 12:26:13 PM EDT

I found yesterday that I was unable to log in. I went through the reset flow, and was still unable to log in with a new password. After some experimentation, I believe it's an issue with how you're escaping it on the server side - a user can set a "properly" complex password in the reset screen, and all seems well, but then the user cannot log in.

Here's the password that I tried that exhibits this behavior:

!DJUtk9^wg%MWYoZ8$FKzVivQCx8&B64

I didn't try to narrow down the issue to see if it's a problem with length or one or more of the individual characters. The password that I set that works is 10 characters, alphanumeric.

@Goatboy

Posted: 9/26/2018 12:41:10 PM EDT

[#1]

The exclamation point as the first character would give me pause.

Posted: 9/26/2018 12:43:41 PM EDT

[#2]

Don't use special characters in passwords. That's a big no-no almost all the time.

Letters and numbers. Stick to those.

Posted: 9/26/2018 1:54:58 PM EDT

[#3]

Quote History

Quoted:
Don't use special characters in passwords. That's a big no-no almost all the time.

Letters and numbers. Stick to those.

View Quote

Since when? Virtually every password I use- except for this site- has to have a special character.

Posted: 9/26/2018 2:33:02 PM EDT

[#4]

First off, the change password page is your friend. Be nice to it!

From that page: "8-20 Characters Long, Must Have 1 letter and 1 number, can use .!@#$^* characters."

So to sum up:
======================================
Password length: 8-20 characters
Password allowed symbols: .!@#$^*

Also note that passwords ARE case sensitive.

Edit to add - I'll look at why it did not error out for you.

Posted: 9/26/2018 4:56:12 PM EDT

[#5]

Quote History

Quoted:
Don't use special characters in passwords. That's a big no-no almost all the time.

Letters and numbers. Stick to those.

View Quote View All Quotes

View All Quotes

Quote History

Quoted:
Don't use special characters in passwords. That's a big no-no almost all the time.

Letters and numbers. Stick to those.

Quoted:

Since when? Virtually every password I use- except for this site- has to have a special character.

Exactly, my last job and this one now, require 8 Character minimum, 1 Lower, 1Upper, 1 Number, 1 Special , something like L@rueT@ctical1776!

Posted: 9/26/2018 5:12:57 PM EDT

[#6]

try not using the % sign

Posted: 9/26/2018 9:01:43 PM EDT

[#7]

Quote History

Quoted:
First off, the change password page is your friend. Be nice to it!

From that page: "8-20 Characters Long, Must Have 1 letter and 1 number, can use .!@#$^* characters."

So to sum up:
======================================
Password length: 8-20 characters
Password allowed symbols: .!@#$^*

Also note that passwords ARE case sensitive.

Edit to add - I'll look at why it did not error out for you.

View Quote

Thanks.

I also don’t believe that verbiage is on the “reset password” page.

Posted: 9/26/2018 9:03:16 PM EDT

[#8]

Quote History

Quoted:
Don't use special characters in passwords. That's a big no-no almost all the time.

Letters and numbers. Stick to those.

View Quote

As a developer with a focus on security... bullshit. The longer and more complex the better.

If I really wanted to be an ass, I’d put some non-printable Unicode characters in there!

[ARCHIVED THREAD] - Complex passwords seem to be broken...

General » Site Suggestions

Win a FREE Membership!

Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!

You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.

Warning

Confirm Action

About AR15.COM

Stay Connected

Newsletter

Contact Us