Closed Bug 75280 Opened 20 years ago Closed 20 years ago

"retry" doesn't work for PKCS#11 login


(Core Graveyard :: Security: UI, defect, P3)

1.0 Branch


(Not tracked)



(Reporter: bugz, Assigned: ddrinan0264)


If you try an operation which requests that you login to the internal PKCS#11
login, and you repeatedly enter the wrong password, it just gives you the prompt
over and over.  It should fail after the third wrong password entered.
Is that how the old PSM works for the internal DB?
Indeed it does.  I think it should give up after 3 tries, though.

More importantly, in PSM 1.x the message changes after the first bad password 
("You have entered the password incorrectly...").  This is minor, but I thought 
I should open a bug so we would remember it.
C4.7 does not give up after 3 tries.  You can continue to type the wrong
password over and over.   Why should we stop at 3 tries?

Target -> 2.0
Target Milestone: --- → 2.0
Priority: -- → P3
Mass reassigning target to 2.1
Target Milestone: 2.0 → 2.1
Keywords: nsenterprise
From the enterprise standpoint we're trying to reach parity to 4.X.
In this case we're there.
If folks have good passwords, then letting an attacker try again and again is
not a big risk. The time between dialogs is substantial when compared to the
number of tries necessary to crack a pwd.
Closed: 20 years ago
Keywords: nsenterprise
Resolution: --- → WONTFIX
Verified wontfix.
Product: PSM → Core
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.