[Vtigercrm-commits] [vtiger development] #4923: Password comparision takes only first 8 characters!
vtiger development
vtiger-tickets at trac.vtiger.com
Wed Jan 16 05:41:53 EST 2008
#4923: Password comparision takes only first 8 characters!
------------------------+---------------------------------------------------
Reporter: prasad | Owner: developer
Type: defect | Status: new
Priority: critical | Milestone: 5.0.4
Component: vtigercrm | Version: 5.0.4-rc
Resolution: | Keywords:
------------------------+---------------------------------------------------
Comment (by prasad):
This is a limitation of crypt function that is used for password encode
during comparison.
Refer: http://in.php.net/crypt
{{{
The standard DES-based encryption crypt() returns the salt as the first
two
characters of the output. It also only uses the first eight characters of
str , so
longer strings that start with the same eight characters will generate the
same result
(when the same salt is used).
}}}
--
Ticket URL: <http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/4923#comment:1>
vtiger development <http://trac.vtiger.com/>
vtigerCRM
More information about the vtigercrm-commits
mailing list