Passwords accepted with additional characters

This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    DD-WRT Forum Index -> Broadcom Customer Downloads & Updates
View previous topic :: View next topic  
Author Message
janhin
DD-WRT Novice


Joined: 03 Aug 2006
Posts: 27
PostPosted: Mon Dec 01, 2008 18:34    Post subject: Passwords accepted with additional characters Reply with quote
I have noticed that ANY extra characters added after the "real" password are accepted.

This is just an example if i set the password to be Qwerty1 it will accept also Qwerty12 or Qwerty123.

I feel that it should have ONLY accepted the Qwerty1 as the password and any extra characters would result in wrong password EVEN if the "right" password is in the beginning.
Back to top View user's profile Send private message
Sponsor
BrainSlayer
Site Admin


Joined: 06 Jun 2006
Posts: 7492
Location: Dresden, Germany
PostPosted: Mon Dec 01, 2008 23:41    Post subject: Reply with quote
this has been resolved since a long time. please check the current releases
_________________
"So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
Back to top View user's profile Send private message Send e-mail Visit poster's website
janhin
DD-WRT Novice


Joined: 03 Aug 2006
Posts: 27
PostPosted: Tue Dec 02, 2008 5:09    Post subject: Reply with quote
Long time, how old is this?
DD-WRT v24 std-special (c) 2008 NewMedia-NET GmbH
Release: 07/27/08 (SVN revision: 10011)
Back to top View user's profile Send private message
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17619
Location: Hesse/Germany
PostPosted: Tue Dec 02, 2008 8:48    Post subject: Reply with quote
u did a reset to defaults when u did the upgrade to this release?! i think not. akfaik it was fixed before sp1
_________________
Forum Guidelines...How to get help
&
Forum Rules
&
RTFM/STFW
&
Throw some buzzwords into the WIKI search Exclamation
_________________
I'm NOT rude, just offer pure facts!
_________________
Atheros (TP-Link & Clones, etc ) debrick service in EU
_________________
Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!
Back to top View user's profile Send private message
janhin
DD-WRT Novice


Joined: 03 Aug 2006
Posts: 27
PostPosted: Tue Dec 02, 2008 8:55    Post subject: Reply with quote
I did NOT do reset to defaults during upgrade.
Should that have been done?
Back to top View user's profile Send private message
BrainSlayer
Site Admin


Joined: 06 Jun 2006
Posts: 7492
Location: Dresden, Germany
PostPosted: Wed Dec 03, 2008 3:07    Post subject: Reply with quote
you must reset the password after upgrade. thats all

so login with telnet and do "setuserpasswd newusernamd newpassword" or simply use the web interface. after changing it (you an also just enter the same as before) the new password encryption is used which allows longer passwords
_________________
"So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
Back to top View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:    Page 1 of 1
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    DD-WRT Forum Index -> Broadcom Customer Downloads & Updates All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum