[p4] long passwords

Tony Andrew Kennah tonykennah at hotmail.com
Mon Oct 13 13:11:54 PDT 2008 

Hi Matt

I can't see how this Perforce fix would break anything and would really 
appreciate to hear your theory.

Tony

----- Original Message ----- 
From: "Matt Craighead" <matt.craighead at conifersystems.com>
To: "Tony Andrew Kennah" <tony at kennah.org.uk>
Cc: <perforce-user at perforce.com>
Sent: Friday, October 10, 2008 10:55 PM
Subject: Re: [p4] long passwords


> FYI, P4 support has confirmed that 32-character passwords are treated as a
> special case.  If a password is exactly 32 characters, it is treated as a
> special case and passed as a ticket without truncation.  Otherwise, if it
> longer than 16 and not exactly 32, it is truncated to 16.
>
> The p4api takes care of this truncation for me on non-Unicode servers; I
> guess I have to replicate that logic in my own code for Unicode servers.
> Odd, but should work.
>
> I'd be a little concerned if this limitation/bug was "fixed", since this
> would break existing long passwords.  I've run into similar issues on Unix
> systems that were "fixed" to support longer than 8 character passwords: 
> all
> of the sudden I had to start typing only the first 8 characters of my
> password to be able to log in.
>
> On Thu, Oct 9, 2008 at 7:33 PM, Tony Andrew Kennah
> <tonykennah at hotmail.com>wrote:
>
>> Matt - Thats correct, passwords are truncated to 16 characters, I've 
>> logged
>> a job with Perforce about this one.
>>
>> tk
>>
>> ----- Original Message ----- From: "Matt Craighead" <
>> matt.craighead at conifersystems.com>
>> To: <perforce-user at perforce.com>
>> Sent: Thursday, October 09, 2008 11:50 PM
>> Subject: [p4] long passwords
>>
>>
>>   Some experiments I've just run seem to suggest that Perforce truncates
>>> passwords longer than 16 characters back down to 16 characters before
>>> storing or comparing them.  Is this correct?  I don't see anything in
>>> either
>>> the user or administrator docs talking about a maximum password length.
>>>
>>> I can put in whatever garbage I want after those first 16 characters in
>>> the
>>> password, and it doesn't seem to make a difference.
>>>
>>> Note: this does *not* apply to tickets, where all 32 hex digits appear 
>>> to
>>> be significant (and in fact even changing uppercase to lowercase hex
>>> digits
>>> will give you an error).
>>>
>>> I'm also seeing some particularly unusual behavior with >16 character
>>> passwords via the p4api, but I haven't entirely figured out what is 
>>> going
>>> on
>>> yet, so I'll refrain from speculating as to what the issue is.
>>>
>>> --
>>> Matt Craighead
>>> Founder/CEO, Conifer Systems LLC
>>> http://www.conifersystems.com
>>> 512-772-1834
>>> _______________________________________________
>>> perforce-user mailing list  -  perforce-user at perforce.com
>>> http://maillist.perforce.com/mailman/listinfo/perforce-user
>>>
>>>
>>
>
>
> -- 
> Matt Craighead
> Founder/CEO, Conifer Systems LLC
> http://www.conifersystems.com
> 512-772-1834
> _______________________________________________
> perforce-user mailing list  -  perforce-user at perforce.com
> http://maillist.perforce.com/mailman/listinfo/perforce-user
>

More information about the perforce-user mailing list