View Issue Details

IDProjectCategoryView StatusLast Update
0003334HTML & PERLBug Reportpublic2019-07-17 20:30
ReporterCringely Assigned Toworf  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
PlatformChromeOSWindowsOS Version7 and 10
Product Version2018-09 
Target VersionFixed in Version 
Summary0003334: Enhance note for password with what is allowed
DescriptionCurrently the note for user registration indicates:
4-64 character
ascii only character

However when using ascii characters only the system will not allow me to sign up. Using the below strings result in this error "3 - The supplied password is invalid. "
r8lLcoWi4q0921A1GUo@ijdc
q0!!YAF!H9Ju5uo8#7FFR1#y
Q7NsbmOcHs*Edr7s38i0CEfQ
CR%cC8z^q54z4aOhuOc3$G8!

However, worth noting, my account was still somehow created and it is bound to an unknown password. After using the password helper tool I'm also unable to change the account password to a sufficiently strong password and continue to receive error 3.

If any chars between 32 - 127 are not allowable, please indicate as such.
Additional InformationIssue 622 was marked as resolved however it seems password restrictions still are not sufficiently documented. https://tracker.anidb.net/view.php?id=622
TagsNo tags attached.

Activities

LaserPanda

2019-05-09 00:35

reporter   ~0004355

Are you using a generator like LastPass?

Belove

2019-06-06 14:58

reporter   ~0004359

As an aside, allowing any unicode characters and even longer passwords would enhance security at potentially low effort. Anything that would not be too intensive to hash on sign-in seems good. 1000 characters, whatever.

There could be stricter minimum requirements, but very generous maximums are ideal, because there are ways to devise long, memorable passwords that would not be likely to be guessed or brute-forced. (64 characters is pretty good, but I've used much longer passwords with some sites, such as Twitter).

worf

2019-07-17 20:30

administrator   ~0004365

adjusted the html5 pattern so the input field will be highlighted when a wrong character is added.

also extended the note of the field:


    4-64 characters
    ascii only characters: A-Z a-z 0-9 . , : ; - _ + * = ? ! " @ $ % ^ / | ~ () {} [] <>
    no spaces and none of these characters: ' ` & # \

Issue History

Date Modified Username Field Change
2019-04-15 23:22 Cringely New Issue
2019-04-15 23:49 Cringely Description Updated View Revisions
2019-05-09 00:35 LaserPanda Note Added: 0004355
2019-05-26 13:46 DerIdiot Project AniDB Website => HTML & PERL
2019-06-06 14:58 Belove Note Added: 0004359
2019-07-17 20:30 worf Assigned To => worf
2019-07-17 20:30 worf Status new => resolved
2019-07-17 20:30 worf Resolution open => fixed
2019-07-17 20:30 worf Note Added: 0004365