Joomla-cms: [4.0] Error in High Security Password of users Joomla

Created on 28 Dec 2017 · 12Comments · Source: joomla/joomla-cms

Steps to reproduce the issue

Install Joomla using a user with a secure password like "Admin123456+"

Expected result

The user can enter into backend or frontend structure

Actual result

The user can't login

System information (as much as possible)

Joomla 4 Alpha 2

Additional comments

1- If I install Joomla with a password like "123", I can login without issues
2- If I after of login with a easy password change the password for "Admin123456+" then I can login without issues

J4 Issue No Code Attached Yet

Source

carlosjacomi

Most helpful comment

Actually this needs do be debugged, I mean it can be js or the php filtering.
dolphin works like a charm for me : https://github.com/danielmiessler/SecLists/pull/155 :D

dgrammatiko on 28 Dec 2017

😄3 👍1

All 12 comments

Admin123456 is a secure password? TIL!!!

dgrammatiko on 28 Dec 2017

that was a example xD for explain it!. the structure of a password that isn't work is Mayus Letter(s)+Normal Letter(s)+ Number(s)+ Special Character(s)

carlosjacomi on 28 Dec 2017

This needs some investigation then. Can you narrow this to what chars break the password? (eg is it something from !@#$%^^&*_-+ )

dgrammatiko on 28 Dec 2017

Well i'm using a password in my website that works good with password like the example "Admin123456+" in the lastest version 3.8.3

carlosjacomi on 28 Dec 2017

Actually this needs do be debugged, I mean it can be js or the php filtering.
dolphin works like a charm for me : https://github.com/danielmiessler/SecLists/pull/155 :D

dgrammatiko on 28 Dec 2017

😄3 👍1

Please change Build to 4.0-dev

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/19204.}