Bug 15005 – I can enable username/password without confirming the password

Bug 15005 - I can enable username/password without confirming the password

Summary:

I can enable username/password without confirming the password

Status:	CLOSED FIXED

Product:	Logitech Media Server
Classification:	Unclassified
Component:	Web Interface
Version:	7.5.0
Platform:	PC Other

Importance:	P2 major (vote)
Target Milestone:	7.5.0
Assigned To:	Michael Herger

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2009-10-31 20:32 UTC by Joerg Schwieder
Modified:	2010-04-08 17:24 UTC (History)
CC List:	0 users

See Also:
Category:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Joerg Schwieder 2009-10-31 20:32:06 UTC

I managed to enable username/password security with 7.5.0 WITHOUT confirming the password (it was only entered in the primary password field).
In connection with https://bugs-archive.lyrion.org/show_bug.cgi?id=14078 this made me enable wrong username/password combination and I had to do some guessing to change it again.

Can cause some trouble....

Comment 1 SVN Bot 2009-11-27 02:21:36 UTC

 == Auto-comment from SVN commit #29495 to the slim repo by michael ==
 == https://svn.slimdevices.com/slim?view=revision&revision=29495 ==

Fixed Bug: 15005
Description: better check validity of username/password when enabling authorization

Comment 2 Chris Owens 2010-04-08 17:24:36 UTC

This bug has been marked fixed in a released version of Squeezebox Server or the accompanying firmware or mysqueezebox.com release.

If you are still seeing this issue, please let us know!