A bug in your password handling on the website

Just an FYI for the Stardock support team..

When creating an account, you can enter any old password; it would seem the database storage truncates the password to 12 characters, but later comparisons do _not_.

So if you enter a 15 char password, it stores 12.

If you then try to authenticate with 15, it _fails_, and the user has no idea why.

If the user guesses that it has been truncated to 12, it then works.

This is a very sticky problem.. you should fix it.. been like this awhile!

This could be a problem for long term accounts as well..

I managed to guess the solution on my old account, during a password change ;)

 

jeff
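The mismatch jeff describes (the write path silently keeps 12 characters, the login path compares the whole submitted password) and a consistent fix, as an added example. This is constructed illustration code, not Stardock's code; the 12-character column width, the 128-character policy limit and the PBKDF2 parameters are assumptions chosen to show the behaviour, not anything the site is known to use.

```python
"""Reproduce a store-truncates/compare-does-not mismatch and show a fix.

Constructed example for the thread above; none of this is Stardock code.
"""
import hashlib
import hmac
import os

PASSWORD_COLUMN_WIDTH = 12  # assumed: storage silently keeps only 12 chars


class TruncatingAccountStore:
    """Models the reported bug: the write path truncates, the login path does not."""

    def __init__(self):
        self._rows = {}

    def create_account(self, user, password):
        # Silent truncation on write, as a fixed-width column would do.
        self._rows[user] = password[:PASSWORD_COLUMN_WIDTH]

    def login(self, user, password):
        stored = self._rows.get(user)
        if stored is None:
            return False
        # The comparison uses the full submitted password, so a 15-char
        # password can never match its own 12-char stored form.
        return hmac.compare_digest(stored.encode("utf-8"), password.encode("utf-8"))


class HashedAccountStore:
    """Fix: one length policy enforced on both paths, then hash the full secret."""

    MAX_PASSWORD_LENGTH = 128  # assumed policy; over-long input is rejected, never cut
    ITERATIONS = 100_000       # assumed PBKDF2 work factor

    def __init__(self):
        self._rows = {}

    def _derive(self, password, salt):
        # The whole password feeds the KDF; output width is fixed, so no
        # column-width limit on the secret is needed at all.
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, self.ITERATIONS)

    def _check_policy(self, password):
        # Same check at signup and at login, so what was accepted once
        # is accepted the same way later.
        if len(password) > self.MAX_PASSWORD_LENGTH:
            raise ValueError("password exceeds the maximum length")

    def create_account(self, user, password):
        self._check_policy(password)
        salt = os.urandom(16)
        self._rows[user] = (salt, self._derive(password, salt))

    def login(self, user, password):
        try:
            self._check_policy(password)
        except ValueError:
            return False
        row = self._rows.get(user)
        if row is None:
            return False
        salt, digest = row
        return hmac.compare_digest(self._derive(password, salt), digest)


def reproduce():
    """Run both stores against a constructed 15-character password."""
    pw15 = "correct-horse-1"  # constructed, 15 characters
    assert len(pw15) == 15
    broken = TruncatingAccountStore()
    broken.create_account("jeff", pw15)
    fixed = HashedAccountStore()
    fixed.create_account("jeff", pw15)
    return {
        "broken_full": broken.login("jeff", pw15),        # the reported failure
        "broken_prefix": broken.login("jeff", pw15[:12]),  # the guessed workaround
        "fixed_full": fixed.login("jeff", pw15),
        "fixed_prefix": fixed.login("jeff", pw15[:12]),
    }


if __name__ == "__main__":
    for name, ok in reproduce().items():
        print(f"{name}: {'login ok' if ok else 'login failed'}")
```

The broken store also keeps the secret itself rather than a hash, which is what makes a storage width matter in the first place; hashing removes the width constraint and the length policy is then a deliberate, visible check rather than a silent side effect of the schema.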

Reply #1

I second this - it caught me a few times - even though it does say password should be 12 chars or less (in some way or another).

It accepts the longer password on input, but then, yes, you need to self truncate.