If you have questions or if you want to share your opinion about Aware IM post your message on this forum
#50991 by Jaymer
Wed Jun 05, 2019 5:15 am
I was doing some testing on generating random passwords, and emailing an encrypted link to the user.
I've done this before, but this was a new system and I was doing rigorous testing.
All of a sudden, 2 of 3 links would not login.

I used this: RegularUser.PasswordGenerated = GENERATE_PWD(8,15,2,3,2)
to gen the PW

Screen Shot 2019-06-05 at 12.59.09 AM.png
Screen Shot 2019-06-05 at 12.59.09 AM.png (21.1 KiB) Viewed 476 times

You can see from this Tomcat log, that the password was cut off after the Pipe symbol (or before the &)
and thus would not allow login.
I ALMOST released this for use tomorrow and I had already sent 10+ emails that worked fine.
Some combination of chars broke the incoming parse.
I just set the 5th parm to 0 for No Special Characters - someone's not gonna hack gibberish anyway, regardless of if it has special characters or not.

buyer beware
jaymer...
#51043 by kklosson
Thu Jun 13, 2019 1:04 am
I have experienced this as well and identified it as an issue. I switched to passwords with no special characters. Not sure, but I think I have had a couple of failers there as well.

Who is online

Users browsing this forum: No registered users and 20 guests