Archived Boards and Threads... > SMF Feedback and Discussion

Security issue

<< < (3/3)

Jeff Lewis:

--- Quote from: sekhmet on August 18, 2003, 01:34:27 AM ---Is there a way to see the actual characters he tried as a password, instead of the asterisk symbols?

--- End quote ---

It used to display the password and for this very reason - but everyone ******ed and then someone decided to change it to the asterisks :)

Metho:
So in other words, sekhmet, put the [******][/******] tags around your request. :D

Methonis

Jeff Lewis:
Heh no, his request is how it used to be (and I liked it better that way) :)

Metho:
I suppose the original issue the person had was that if someone misplaced one letter in their pass, created the error, then basically their password was transmitted plain text in the error log, or what?

Methonis

[Unknown]:
I didn't like the feature, specifically because I often *accidently* use the wrong password.

See, I keep about 4~5 passwords going, and I use different "levels" in different places.  I have the lowest one, which is easier to guess - but I only use it on sites I don't care about.  However, sometimes I forget which password I used (ie. 2 or 3.. this is simplified.) and type the wrong one.  This wrong one is still a password, and I would think it wrong for it to show my password to anyone.

And, I've added a feature that basically asks you to try again later if you try to login like 15 times.  (and fail each time.)

-[Unknown]

Navigation

[0] Message Index

[*] Previous page