User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:126.96.36.199) Gecko/2008090514 Firefox/3.0.2 (.NET CLR 3.5.30729) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:188.8.131.52) Gecko/2008090514 Firefox/3.0.2 (.NET CLR 3.5.30729) You can successfully log in with incorrect password as long as your entered password that had prefix that was your correct password. Ex: your correct password is "Global Cybersoft", you can enter "Global Cybersoft VN" => you successfully log in. Reproducible: Always Steps to Reproduce: 1.Enter your correct user name 2.Enter your incorrect password that had prefix was your correct password 3.You successfully log in Actual Results: Successfully log in Expected Results: Invalid user name and password N/A
Component: General → User Accounts
Product: Firefox → Bugzilla
Version: unspecified → 3.0.5
Tan, 1) are you talking about bugzilla.mozilla.org ? 2) If not, are you talking about the bugzilla product, which version ?
Yes, I am talking about the bugzilla product version 3.0.5
That's because passwords are encrypted using crypt(), which only takes the first 8 characters into account. To take more than 8 characters, we need to move to MD5, which is the topic of bug 211006.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 211006
You need to log in before you can comment on or make changes to this bug.