Changing long passwords causes spurious error
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
base-passwd |
Invalid
|
Undecided
|
Unassigned | ||
pam (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Ubuntu appears to allow arbitrary-length passwords, however, trying to change your password and only changing the last few characters (definitely around 16 checters, probably shorter) is impossible.
To reproduce (characters in angle brackets were typed in):
$ passwd
Changing password for katre.
(current) UNIX password: <REAL PASSWORD>
Enter new UNIX password: <1234567890123456>
Retype new UNIX password: <1234567890123456>
passwd: password updated successfully
$ passwd
Changing password for katre.
(current) UNIX password: <1234567890123456>
Enter new UNIX password: <1234567890123457>
Retype new UNIX password: <1234567890123457>
Bad: new password must be different than the old one
However, login and other utilities demand the full correct password.
Related branches
Changed in pam (Ubuntu): | |
status: | New → Confirmed |
Changed in pam (Ubuntu): | |
status: | Confirmed → Invalid |
Changed in base-passwd: | |
status: | New → Invalid |
Changed in pam (Ubuntu): | |
status: | Invalid → Triaged |
Same here in Ubuntu Karmic 9.10 32 bit.
If I change a user passwor with passw there are 2 cases:
1) completely different password --> no problem, password is updated correctly
2) long password and new password is equal to old password except for 1 or 2 last characters --> password isn't updated --> passwd report: Bad: new password must be different than the old one
Maybe the password wasn't updated correctly when old password was long more than 8 characters and different characters respect to new password are in positions major of 8.