Closed GoogleCodeExporter closed 8 years ago
Original comment by soylentm...@gmail.com
on 6 Jan 2009 at 8:46
This is a feature of the "neville" account. The neville account is used for SQL
Injection of the login request and therefore the password is different.
Original comment by mayhe...@gmail.com
on 21 Jan 2009 at 2:07
Okay, I guess then that the bug is that the descriptions of the passwords on the
other tasks (the ones that say all the passwords are the first names) is wrong.
I'll
update the descriptions, then.
Original comment by soylentm...@gmail.com
on 21 Jan 2009 at 4:09
That's a hard call. On the one hand you want the person to try "neville" and
fail
and take the next step to try and inject the credentials. On the other hand,
you
want the descriptions to be correct. I would be in favor of not giving the
user the
"hint" regarding the password for "neville", but I don't feel that strong about
it
one way or the other.
Original comment by mayhe...@gmail.com
on 21 Jan 2009 at 4:25
Original issue reported on code.google.com by
soylentm...@gmail.com
on 6 Jan 2009 at 8:45