Posts: 8
Threads: 2
Joined: Nov 2023
Reputation:
0
Hi,
When you create a backup with a password, Hasleo prompts in red that the password is weak until it is a certain length. That is helpful for security.
When you do a restore, it also displays the red text that the password is weak until a certain number of characters are entered. That almost seems like a hint and is not necessary or good for security. I am guessing it is part of the code that creates a password and was carried over to the restore code too?
It's a very minor thing, but users should not think the program is trying to help them guess a password. If I thought my friends password was the name of one of their 2 dogs, Max or Maggie, and I entered the name of the name dog Max, it appears Hasleo will alert me that Max is not enough characters, and I would try the other name.
Thanks.
Posts: 1,842
Threads: 11
Joined: Feb 2014
Reputation:
27
(11-28-2023, 03:51 AM)Hollywood Wrote: Hi,
When you create a backup with a password, Hasleo prompts in red that the password is weak until it is a certain length. That is helpful for security.
When you do a restore, it also displays the red text that the password is weak until a certain number of characters are entered. That almost seems like a hint and is not necessary or good for security. I am guessing it is part of the code that creates a password and was carried over to the restore code too?
It's a very minor thing, but users should not think the program is trying to help them guess a password. If I thought my friends password was the name of one of their 2 dogs, Max or Maggie, and I entered the name of the name dog Max, it appears Hasleo will alert me that Max is not enough characters, and I would try the other name.
Thanks.
Thanks for pointing out the issue and we'll improve it.
Posts: 1,842
Threads: 11
Joined: Feb 2014
Reputation:
27
(11-28-2023, 11:40 AM)admin Wrote: (11-28-2023, 03:51 AM)Hollywood Wrote: Hi,
When you create a backup with a password, Hasleo prompts in red that the password is weak until it is a certain length. That is helpful for security.
When you do a restore, it also displays the red text that the password is weak until a certain number of characters are entered. That almost seems like a hint and is not necessary or good for security. I am guessing it is part of the code that creates a password and was carried over to the restore code too?
It's a very minor thing, but users should not think the program is trying to help them guess a password. If I thought my friends password was the name of one of their 2 dogs, Max or Maggie, and I entered the name of the name dog Max, it appears Hasleo will alert me that Max is not enough characters, and I would try the other name.
Thanks.
Thanks for pointing out the issue and we'll improve it.
HBS requires a minimum password length of 6, and it will only prompt "The password is too short" if the password length is less than 6, and it will not prompt if it is greater than or equal to this length, so there does not seem to be any problem.
Posts: 8
Threads: 2
Joined: Nov 2023
Reputation:
0
(11-28-2023, 12:18 PM)admin Wrote: (11-28-2023, 11:40 AM)admin Wrote: (11-28-2023, 03:51 AM)Hollywood Wrote: Hi,
When you create a backup with a password, Hasleo prompts in red that the password is weak until it is a certain length. That is helpful for security.
When you do a restore, it also displays the red text that the password is weak until a certain number of characters are entered. That almost seems like a hint and is not necessary or good for security. I am guessing it is part of the code that creates a password and was carried over to the restore code too?
It's a very minor thing, but users should not think the program is trying to help them guess a password. If I thought my friends password was the name of one of their 2 dogs, Max or Maggie, and I entered the name of the name dog Max, it appears Hasleo will alert me that Max is not enough characters, and I would try the other name.
Thanks.
Thanks for pointing out the issue and we'll improve it.
HBS requires a minimum password length of 6, and it will only prompt "The password is too short" if the password length is less than 6, and it will not prompt if it is greater than or equal to this length, so there does not seem to be any problem. I guess if someone was going to try and guess the password, the program will help the hacker avoid wasting time trying any of the combinations less then 6 characters.
Seriously, HBS is a GREAT program. It is intuitive and fast. I really like it better then any of the system backup programs I tried previously. I hope you do not take offense when I bring up something like this. It is your call, but I just wanted to share my thoughts.
Thanks
Posts: 1,842
Threads: 11
Joined: Feb 2014
Reputation:
27
(11-28-2023, 03:31 PM)Hollywood Wrote: (11-28-2023, 12:18 PM)admin Wrote: (11-28-2023, 11:40 AM)admin Wrote: (11-28-2023, 03:51 AM)Hollywood Wrote: Hi,
When you create a backup with a password, Hasleo prompts in red that the password is weak until it is a certain length. That is helpful for security.
When you do a restore, it also displays the red text that the password is weak until a certain number of characters are entered. That almost seems like a hint and is not necessary or good for security. I am guessing it is part of the code that creates a password and was carried over to the restore code too?
It's a very minor thing, but users should not think the program is trying to help them guess a password. If I thought my friends password was the name of one of their 2 dogs, Max or Maggie, and I entered the name of the name dog Max, it appears Hasleo will alert me that Max is not enough characters, and I would try the other name.
Thanks.
Thanks for pointing out the issue and we'll improve it.
HBS requires a minimum password length of 6, and it will only prompt "The password is too short" if the password length is less than 6, and it will not prompt if it is greater than or equal to this length, so there does not seem to be any problem. I guess if someone was going to try and guess the password, the program will help the hacker avoid wasting time trying any of the combinations less then 6 characters.
Seriously, HBS is a GREAT program. It is intuitive and fast. I really like it better then any of the system backup programs I tried previously. I hope you do not take offense when I bring up something like this. It is your call, but I just wanted to share my thoughts.
Thanks
No worries we're glad you pointed out the problem and made some suggestions. However, the password should not be less than 6 characters long, because you can't specify a password that is less than 6 characters long when creating a task.
|