Closed Bug 286832 Opened 20 years ago Closed 20 years ago

If a user enters their password + any number of random characters, still authenticated

Categories

(Bugzilla :: User Accounts, defect)

Product:
Bugzilla
Component:
User Accounts
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED DUPLICATE of bug 211006

People

(Reporter: baver, Unassigned)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050306 Firefox/1.0.1 (Debian package 1.0.1-2)
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050306 Firefox/1.0.1 (Debian package 1.0.1-2)

When a user logs in, if he/she types in her password, then types any string in
after that in the password text box, he/she is still authenticated.

Reproducible: Always

Steps to Reproduce:
1. Log out.
2. Type in your username and password to login
3. Type in random numbers/letters after your password
4. Log in.

Actual Results:  
I logged into a 2.16.4/2.16.8 bugzilla, and this bugzilla (2.19.1+ at the time
of this writing).

Expected Results:  
Log in failure.

*** This bug has been marked as a duplicate of 211006 ***
Group: webtools-security
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.