Closed llanverygranger closed 8 years ago
Note, I also got this error when clicking the validation link: "Sorry, there was an error verifying your account. Please make sure you used the entire URL included in the email you received." So probably related.
Hi Xandrani,
culteducation.com is using version 5.2.19. I checked the source code but I couldn't find any explication for this behavior. But me too I wasn't able to register in this forum. I opened a new thread in there "tech support forum": https://forum.culteducation.com/read.php?15,133974
Btw: Passwords are stored encrypted. No characters are removed from the password.
Regards Oliver
No answer from culteducation.com. I close this issue.
I registered with the forum https://forum.culteducation.com which says it uses Phorum. I auto-generated a password when registering. Sadly this username and password didn't work when logging in, even though the registration process accepted the details.
This usually means one of these bugs: 1) The password is truncated before being stored in the database (hopefully encrypted) 2) Certain character types are removed before being stored in the database (hopefully encrypted)
The fix is to: a) Tell the user any limitations to a password during registration, e.g. maximum 32 characters, must not use punctuation, must use at least one capital letter... etc. b) Feedback to the user problems with the password until a valid password is used... then and only then, store this password (or rather an encrypted version of it) in the database.
This happens on about 1 in 30 websites.