No differences between uppercase and low case letters in the Login

RESOLVED WONTFIX

Status

support.mozilla.org
General
RESOLVED WONTFIX
3 years ago
2 years ago

People

(Reporter: anaskazar, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

3 years ago
User Agent: Mozilla/5.0 (Windows NT 6.1; rv:30.0) Gecko/20100101 Firefox/30.0 (Beta/Release)
Build ID: 20140605174243

Steps to reproduce:

Create username "Newuser1"
Login username "newuser1"


Actual results:

Login is successful


Expected results:

In the login shall be denied
Hi, 

Could you please check and try again? I was able to login successfully.
Flags: needinfo?(anaskazar)
See Also: → bug 840275

Comment 2

2 years ago
Yea he is correct, the login form is not case sensitive it logs you if you enter user name in upper, lower or mixed case.

This is good because it avoids the possibility of registering and logging in several different users with the same username in different case mix.

My questions is whether we should remove username from alert message, shown if login failed due to mismatched password. 

(alert message : Please enter a correct username and password. Note that both fields are case-sensitive)
So this bug turns to be just about changing the string instead?
In general, we don't tell the user if it was the username or the password was wrong, because doing so reveals information about users accounts, which makes brute force attacks easier. This situation is the same.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX

Comment 5

2 years ago
Closing need-info request.
Flags: needinfo?(anaskazar)
You need to log in before you can comment on or make changes to this bug.