Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Indicate that special characters in passwords could cause trouble. #255

Closed
myieye opened this issue Aug 31, 2023 · 3 comments · Fixed by #279 or #495
Closed

Indicate that special characters in passwords could cause trouble. #255

myieye opened this issue Aug 31, 2023 · 3 comments · Fixed by #279 or #495
Assignees
@rmunn
Labels
High Priority UI Design owner: Tim
Milestone
v1

Comments

@myieye
Copy link
Contributor

myieye commented Aug 31, 2023
edited
Loading

Because usernames and passwords are not necessarily url-encoded by Chorus, users should avoid using special characters and we should tell them that and probably just restrict passwords to ([a-Z][0-9]-)+.

E.g. I noticed that

  • For project-lookup the password test-temp-0:?"!$ worked, but the & character didn't.
  • Send/Receive didn't work with the password: test-temp-0:?"!$. I'm not sure what the culprit is exactly
  • test-temp is fine for both.
@myieye myieye added this to the MVP milestone Aug 31, 2023
@myieye myieye added the UI Design owner: Tim label Aug 31, 2023
@hahn-kev
Copy link
Collaborator

hahn-kev commented Sep 4, 2023

@rmunn would you determine what characters cause problems so we can inform users what not to use in their password.

@rmunn rmunn mentioned this issue Sep 4, 2023
Open
@myieye myieye mentioned this issue Sep 6, 2023
Merged
@rmunn
Copy link
Contributor

rmunn commented Sep 13, 2023

sillsdev/chorus#324

Three characters cause problems: & (always), + (always), and % (if followed by two alphanumerics that look like a hex code, which happens often enough that it will cause problems and should be warned about). Every other punctuation character, as well as space characters and non-Roman scripts, worked. So we only need to scan for the three characters +&% and we'll be able to warn people whose passwords might not work.

@rmunn rmunn mentioned this issue Sep 14, 2023
Merged
@myieye
Copy link
Contributor Author

myieye commented Dec 4, 2023
edited
Loading

We need to revisit this. Apparently a user recently could "log in" in FLEx, but then couldn't do a S/R, because they had a : in their password.

@myieye myieye reopened this Dec 4, 2023
@hahn-kev hahn-kev modified the milestones: MVP, v1 Dec 6, 2023
@rmunn rmunn mentioned this issue Jan 15, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rmunn rmunn

Labels
High Priority UI Design owner: Tim
Projects
None yet
Milestone
v1
3 participants
@rmunn @hahn-kev @myieye