Closed Bug 75280 Opened 20 years ago Closed 20 years ago
"retry" doesn't work for PKCS#11 login
If you try an operation which requests that you login to the internal PKCS#11 login, and you repeatedly enter the wrong password, it just gives you the prompt over and over. It should fail after the third wrong password entered.
Is that how the old PSM works for the internal DB?
Indeed it does. I think it should give up after 3 tries, though. More importantly, in PSM 1.x the message changes after the first bad password ("You have entered the password incorrectly..."). This is minor, but I thought I should open a bug so we would remember it.
C4.7 does not give up after 3 tries. You can continue to type the wrong password over and over. Why should we stop at 3 tries?
Target -> 2.0
Target Milestone: --- → 2.0
Priority: -- → P3
Mass reassigning target to 2.1
Target Milestone: 2.0 → 2.1
From the enterprise standpoint we're trying to reach parity to 4.X. In this case we're there. If folks have good passwords, then letting an attacker try again and again is not a big risk. The time between dialogs is substantial when compared to the number of tries necessary to crack a pwd.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → WONTFIX
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.