phone believed to enforce undocumented password policy
Bug #1371048 reported by
John McAleely
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
android-tools (Ubuntu) |
Fix Released
|
High
|
Oliver Grawert | ||
android-tools (Ubuntu RTM) |
Fix Released
|
High
|
Oliver Grawert |
Bug Description
Per conversation on IRC with ogra.
The phone will reject passwords which match the username.
Fine and dandy, but isn't password security the responsibilty of other entities and code. Rejecting just this insecure password, hard-coded, seems a bit odd.
Related branches
Changed in android-tools (Ubuntu): | |
assignee: | nobody → Oliver Grawert (ogra) |
Changed in android-tools (Ubuntu RTM): | |
status: | New → In Progress |
importance: | Undecided → High |
assignee: | nobody → Oliver Grawert (ogra) |
Changed in android-tools (Ubuntu RTM): | |
status: | In Progress → Fix Released |
To post a comment you must log in.
there is no "hard coding" it checks if the username and password are identical ... in teh beginning of working on developer mode this helped to force people to update their password and make sure dev-mode was properly enabled (we used to set the password to match teh username in former installs)
indeed this code needs to go ... password secuity needs to be managed while the password is being set anyway