evansims
commented
10 years ago Tagging @shadowhand to keep him apprised of updates
Closed evansims closed 10 years ago
evansims
commented
10 years ago Tagging @shadowhand to keep him apprised of updates
evansims
commented
10 years ago It appears < and > tags are being sanitized by our input processor, resulting in complex passwords using those characters being malformed.
Examples:
password<testresults in the hash of password being stored.password<test>password results in the hash of passwordpassword being stored.Patch is being tested now.
evansims
commented
10 years ago A patch has been pushed and is propagating to datacenters. @shadowhand would you mind seeing if this fixed it for you? I will need to review our other products' implementations to ensure they aren't bugged either.
shadowhand
commented
10 years ago No change, using a password with special characters is still broken.
evansims
commented
10 years ago Herp derp, forgot a step in that last commit. Give it another try.
shadowhand
commented
10 years ago Was able to change my password and login successfully. Thanks!
Got a report of complex passwords having recovery/setup issues. Do a once-over on these to ensure things are working as expected.
It also appears CrowdmapID emails are no longer being sent out via Sendgrid as they should be. This in particular needs resolved immediately to avoid spambox blackholes.