Ticket Information - ID: #889
ID: | Category: | Severity | Reproducibility | Date Submitted | Updated By: |
---|---|---|---|---|---|
0000889 | Bug Reporting | High | always | 05/27/17 12:44PM | lozertuser |
|
|
Summary: | Changing password to one including ' (ASCII decimal 39) will cause one to be unable to log in with new password |
Description: | How to reproduce: Go to change password form: /index.php?page=account&s=change_password Enter old password. Enter new password including at least one ' (ASCII decimal 39). Submit form and receive success message. Attempt to log in with new password and consistently fail. Web browser: Google Chrome 64-bit 58.0.3029.110 and Mozilla Firefox ESR 32-bit 52.1.2 |
Additional Info: | Accounts without email address are out of luck. For accounts with email address, the reset-password link received in email opens a form to enter a new password with only one field: no additional confirm-password field to protect against mistakes. |