Successfully log in with incorrect password

RESOLVED DUPLICATE of bug 211006

Status

()

RESOLVED DUPLICATE of bug 211006
10 years ago
8 years ago

People

(Reporter: huynhminhtan1985, Unassigned)

Tracking

3.0.5
x86
Windows XP

Details

(Reporter)

Description

10 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.2) Gecko/2008090514 Firefox/3.0.2 (.NET CLR 3.5.30729)
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.2) Gecko/2008090514 Firefox/3.0.2 (.NET CLR 3.5.30729)

You can successfully log in with incorrect password as long as your entered password that had prefix that was your correct password. Ex: your correct password is "Global Cybersoft", you can enter "Global Cybersoft VN" => you successfully log in. 

Reproducible: Always

Steps to Reproduce:
1.Enter your correct user name
2.Enter your incorrect password that had prefix was your correct password
3.You successfully log in
Actual Results:  
Successfully log in

Expected Results:  
Invalid user name and password

N/A
(Reporter)

Updated

10 years ago
Component: General → User Accounts
Product: Firefox → Bugzilla
Version: unspecified → 3.0.5

Comment 1

10 years ago
Tan,

1) are you talking about bugzilla.mozilla.org ?
2) If not, are you talking about the bugzilla product, which version ?
(Reporter)

Comment 2

10 years ago
Yes, I am talking about the bugzilla product version 3.0.5

Comment 3

10 years ago
That's because passwords are encrypted using crypt(), which only takes the first 8 characters into account. To take more than 8 characters, we need to move to MD5, which is the topic of bug 211006.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 211006

Updated

8 years ago
QA Contact: general → default-qa
You need to log in before you can comment on or make changes to this bug.