Inconsistent Password Handling (c) Krazy Glue

App Reviews
EN

Inconsistent Password Handling

This app allowed me

A) to set a password containing special characters like commas ","

B) but does not allow me to type such a password to login to the app. I.e. Must do a password reset

I am fairly certain of this - I cut and pasted password text from a password manager.

Such inconsistent vetting of user input is not only inconvenient, but it also flags a worrying lack of security. It says "here bad guys, my programmers did not validate input correctly in at least one situation, there are probably more such situations to try to exploit!"

Yes, the app does not say that special characters are allowed. But it also does not say that they are not allowed.

As usual for healthcare apps, the minimum password size is too small, 8 characters, and it is not clear what the maximum is. 24 seemed to fail.

Krazy Glue about Health4Me, v5.0

App Reviews

Talking Peter (FREE) the Pig HD
Сонник и Лунный календарь 2017 - толкование снов
Friend-O-Meter Pro
IMU
Immagen Properties

Site powered by AppStorio. [ Create free website for mobile app ]
Contact us: [email protected] Abuse: [email protected]