System ignore cases in username field in the login page

openMF / community-app

This was the former default web application built on top of the Apache Fineract platform. It's now deprecated and replaced by the the Mifos X Web App (https://github.com/openMF/web-app maintained by the Mifos Initiative as a reference solution for financial inclusion. It is a Single-Page App (SPA) written in web standard technologies.

http://openmf.github.io/community-app/

Mozilla Public License 2.0

313 stars 1.02k forks source link

System ignore cases in username field in the login page #2460

Open Nenge1 opened 7 years ago

Nenge1 commented 7 years ago

For this case, username: mifos and password: password. The system allow username: MIFOS as valid username. In my suggestion, It is not a good practice as this is a credentials, not the name of the user. Thus, the system should test the exact username without ignoring cases.

gkrishnan724 commented 7 years ago

@Nenge1 I believe this should be reported in the fineract side.

Nenge1 commented 7 years ago

Thanks @gkrishnan724, I will do so then

santoshconflux commented 7 years ago

Same issue raised at Fineract side: https://issues.apache.org/jira/browse/FINERACT-522

bauripalash commented 5 years ago

I don't think this is a problem. User IDs shouldn't be case-sensitive.

Assume, I have username palash And now you'll not be able to have username palaSH , that's why we don't need to validate usernames this way.

Even GitHub allows me logging in with BauriPalash , where my username is bauripalash

santoshconflux commented 5 years ago

@bauripalash , In banking login, username may be case sensitive in some cases.