Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Password Length
  •  
NorthernAlberta

Messages: 54
Karma: 6
Send a private message to this user
Has anyone else had issues with max. password length for users? I recently changed the password for my admin account to a 24 char string with upper and lower case letters and numbers. The system accepted it fine with no error messages, however when I then try to log in to that account with the new password (or the old) it does not work.
The only way I was able to get control of my mail server again was to shut Kerio down then hack the users.cfg file.
I checked the config log, it shows the password change, but does not list any errors.
I am able to reproduce it through both the webmail and Administration Console and am currently using Kerio Mailserver 6.1.2 on Windows 2000.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
I was did notice a similar kind of problem with passwords containing a comma (','). These passwords would be accepted when configuring them, but they would not work. (In my case, the passwords were short, for example something like 'de4,rtg'.)

Did you use a comma somewhere?
  •  
NorthernAlberta

Messages: 54
Karma: 6
Send a private message to this user
Thanks for the heads up, no comma in my password just 22 letters and 2 numbers.
This would seem to be a fairly big issue, as it can lock out a user (or administrator) without warning.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Did you submit a ticket on this? Maybe that's a good thing to do, it will ensure Kerio takes a look at the issue.

Maybe send the password along so they can test it? (If you do not use the apssword yourself anymore of course.)

I could also do some testing on a user account.
  •  
Kerio_ktrumbull

Messages: 597
Karma: 2
Send a private message to this user
This is not a bug. There is in fact a limit of 24 characters for passwords that do not use the SHA encryption. You will notice that when you are creating a new user in the Admin Console, and you do not select the SHA option, after you type the 24th character, the MailServer will stop accepting characters, although you are allowed to continue to type.

I will file a suggestion with our development team to have a window popup if you continue to type characters in the password field after the 24th character letting you know that there is a limit.

Kevin Trumbull
Kerio Technical Support Team Leader
http://support.kerio.com
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
I'll see if I can find reproducable steps to cause the problem with certain characters in passwords. I ran into such problems (I believe with comma's) once in a while. If I do, I'll let you know.
Previous Topic: Someone trying to SMTP login...
Next Topic: Novice question. Prevent messages from deleting after receive
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 05:39:54 CET 2017

Total time taken to generate the page: 0.00554 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.