Reply to post: Re: Deliberate?

For Foxit's sake: PDF editor biz breached, users' passwords among stolen data


Re: Deliberate?

'web designer setting an input field length'

How about:

Company rolls out a new internal system.

First time login is with temporary password and you set a new password of between 8 and 20 characters

Subsequently, only some users can then login but most cannot and receive an incorrect password message when trying to login.

After large number of users log fault tickets, it emerges that even though the password field on the login screen can accommodate up to 20 characters, any entered password is being truncated to the first 8 characters entered before being checked against the users account, so only users who set an 8 character password could ever login.

Issue was quickly fixed, but someone got their arse kicked over it.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021