WOW! You mean some of my frustration, and potential legal troubles, could
be due to some idiot changing password criteria in a moronic way?
EVERYONE! If you change password requirements, make the changes on initial
entry and changes ONLY!!!!!!! NEVER limit what a person enters in this
way. TWO reasons why....
1. You could lock out a LEGITIMATE user FOREVER! (One customer changed
ALL information so that recovering a password, or getting a person to rectify
it is not possible. What if he still had the password? One that ***YOU***
now declare arbitrarily as illegal. Because of THOSE stupid rules, he is
out a domain, and *I* could have problems.(at one point he DID use an asterisk!))
2. It makes things easier to hack!
OKAY!?
Steve
>-- Original Message --
>Date: Thu, 15 May 2003 18:34:22 +0300
>From: Sergei Kolodka <folio@infocom.zp.ua>
>To: discuss-list <discuss-list@opensrs.org>
>Subject: Re: Changing criteria
>
>
>Hello Csongor,
>
>OpenSRS Live Reseller Update [.de & OpenSRS] - 15/04/2003
>
>
>FC> When registering a new domain one of my clients got this:
>FC> Invalid password syntax: The only allowed characters are all
>FC> alphanumerics (A-Z, a-z, 0-9) and symbols []()!@$^,.~|=-+_{}#
>
>FC> I find it frustrating that the API sometimes changes its validation
>FC> criteria for some fields. Especially when there is no announcement.
Last
>
>FC> time suddenly I was no longer able to use 1 character passwords for
>FC> registration (in the test environment, FYI). Now my client does not
>FC> understand why is it that he can log in using his regular password
>FC> (containing a * character) for an existing profile, and after that
his
>
>FC> new registration just fails.
>
>
>FC> Just my two pieces of ... whatever currency.
>
>FC> - Cs.
>
>
>
>
>
>--
>sK
>
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:37:43 EDT