Password Problems for this board

Ask for help with ScummVM problems

Moderator: ScummVM Team

Post Reply
User avatar
Dwedit
Posts: 5
Joined: Mon May 08, 2006 8:42 am
Location: Chicago!
Contact:

Password Problems for this board

Post by Dwedit »

In the User Profile page, you can set a password up to 100 characters long. However, on the login page, the max length for your password is 25 characters.
I use a 32 character password, so I've been locked out of my account several times, and have even hit the "30 minute wait" after 5 failed logins.

User avatar
sanguinehearts
Posts: 377
Joined: Mon Oct 31, 2005 12:42 am
Location: Hampshire, United Kingdom

Post by sanguinehearts »

get a shorter password...
dont you get bored typing that? :)

User avatar
Dwedit
Posts: 5
Joined: Mon May 08, 2006 8:42 am
Location: Chicago!
Contact:

Post by Dwedit »

I use a tool to generate a secure 32 character password.

User avatar
Longcat
Posts: 986
Joined: Sat Sep 23, 2006 3:15 pm

Post by Longcat »

but who on earth would want to hack you ScummVM forums account? 25 characters should be more than enough.

clem
Posts: 2185
Joined: Mon Oct 31, 2005 11:14 am

Post by clem »

Despair thy not! A patch has been posted to the tracker :)

User avatar
Vinterstum
ScummVM Developer
Posts: 585
Joined: Sun Oct 16, 2005 6:59 am

Post by Vinterstum »

Dwedit wrote:I use a tool to generate a secure 32 character password.
If you include both lower and uppercase letters, numbers and maybe a symbol or two, even a 10 character long one is extremely uncrackable.

Arantor
Posts: 89
Joined: Mon Apr 02, 2007 11:10 pm

Post by Arantor »

This all assumes, of course, that the code doesn't truncate it upon trying to log in anyhow.

User avatar
Dwedit
Posts: 5
Joined: Mon May 08, 2006 8:42 am
Location: Chicago!
Contact:

Post by Dwedit »

My password looks something like "E56C9BA4C5344AAFCCF7628B1E0548BB", but it's a different set of hex characters. 128 bits isn't too bad.

User avatar
sev
ScummVM Lead
Posts: 2047
Joined: Wed Sep 21, 2005 1:06 pm
Contact:

Post by sev »

And as I suppose, you don't memorize those passwords, rather, have them written somewhere. If it is so, then it completely breaks your security.


Eugene

PS. Throw away that tool. Those passwords are less secure than 20 characters long passwords with all printable characters involved (both upercase and lowercase letters, numbers and other symbols).

clem
Posts: 2185
Joined: Mon Oct 31, 2005 11:14 am

Post by clem »

Arantor wrote:This all assumes, of course, that the code doesn't truncate it upon trying to log in anyhow.
I only looked at the forum template and not at the php code; in any case the behavior should be consistent and accept the same password length on both screens.

clem
Posts: 2185
Joined: Mon Oct 31, 2005 11:14 am

Post by clem »

Update: According to the sourceforge item, the problem should be resolved.

Post Reply