Hello to all,
I have noticed with UMS12 that if the password for logging in contains a paragraph character (§), logging in to WebUMS is not possible.
The console is not affected by this effect.
Just FYI 😉
Regards
Adrian
Hello Adrian, great finding!! Thank you for sharing this!! Will try to reproduce and pass the feedback to PM!
That is a reserved character to define Static Template keys and cannot be used in UMS.
Also, I have never seen that on a keyboard and I am not sure many systems would InterPro it correctly.
No special chars in password phrases are a sign of a (politely phrased) legacy system. Nowadays this should not be an issue anymore.
especially as I suspect that the password is stored as a hash and not in plain text. Thus, “as a forbidden character” would not apply.
Especially since the UMS console still works. Only in the WebUMS it does not work.
Did y’all fix the “can’t use a $” in a password because Linux does something with it?
I have used that in the past with no issue
§ is a bit different as it doesn’t appear on a standard keyboard
There may be limitations on characters not on a standard US keyboards in most password hasing libraries. Especially ones used for web applications
May I introduce you to my keyboard @member 😉
I always use a password generator for my environments
A lot of libraries (including Oracle and Microsoft) follow OWASP recomendations
owasp.org/www-community/password-special-characters
Most password generators follow OWASP as well
do other non-ASCII characters work?
Also, standard US Keyboard
@member I have try with % & and $ . That signs works. By my recently created password, with § doesn’T work correctly.
those should work – I’m just curious if we run into issues going into Unicode land but that would also break any Latin characters with accents/umlauts I would think: en.wikipedia.org/wiki/List_of_Unicode_characters
Marked as Bug on our PM side, will be fixed in an upcoming version!
Continue reading and comment on the thread ‘WebUMS and UMS Console is not working when a paragraph character is used.’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!