Skip to content

Jake Grindstone

My feedback

1 result found

  1. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    An error occurred while saving the comment
    Jake Grindstone commented  · 

    Yes this is so true.

    The system doesn't appear to handle hash-like strings as passwords in the way I would expect. According to best practices in authentication, a system should be agnostic about the characters used in a password as long as they meet security requirements. Whether the password is a simple word or a string that resembles a hash (A{S}Da(!3)ASnaas%lda!/asd for example), the system should:

    1. Hash and store the initial password.

    2. Allow the user to authenticate later by entering the same original string.
    It appears that the current implementation might not support this standard behavior, which could be seen as a limitation or oversight in the system's design. I recommend revisiting this aspect of your authentication process to ensure it aligns with industry standards for both security and user experience.

    This is poor development and security practices.

Feedback and Knowledge Base