After updating password no credentials needed to login
-
I am running into this myself.
I have used far more complicated combinations than the following, but I have it set
export LISTMONK_app__admin_username="Gently2729"
export LISTMONK_app__admin_password="ThemePavilionCare"I have also tried
export LISTMONK_app__admin_username='Gently2729'
export LISTMONK_app__admin_password='ThemePavilionCare'I am not prompted for a sign in with an incognito window
-
I am running into this myself.
I have used far more complicated combinations than the following, but I have it set
export LISTMONK_app__admin_username="Gently2729"
export LISTMONK_app__admin_password="ThemePavilionCare"I have also tried
export LISTMONK_app__admin_username='Gently2729'
export LISTMONK_app__admin_password='ThemePavilionCare'I am not prompted for a sign in with an incognito window
-
After many different tests, the username was the cause.
Once the username is all in lowercase, it would work.
-
I can't really reproduce this. It works just fine with capital case usernames. I used the same creds as in the report:
export LISTMONK_app__admin_username="Gently2729" export LISTMONK_app__admin_password="ThemePavilionCare"Maybe to reproduce this:
- Correct Username + Broken Password
- Same Username + Fixed Password
- Still no login needed?
I will try this out.
Like my work? Consider donating a drink. Cheers!
-
Maybe to reproduce this:
- Correct Username + Broken Password
- Same Username + Fixed Password
- Still no login needed?
I will try this out.
-
Maybe to reproduce this:
- Correct Username + Broken Password
- Same Username + Fixed Password
- Still no login needed?
I will try this out.
-
Could not reproduce at all.
very strange. Maybe @privsec needs to share the exact steps to this issue. -
I'm thinking perhaps the issue is actually that logging out doesn't seem to actually log you out (at least in Firefox with the plugins I use - not tested elsewhere yet), see:
I did a bit more testing.
@privsec are you using the Bitwarden browser extension?
Because further testing seems to suggest if that is enabled and I'm logged into it, then it somehow it magically logs into Listmonk without any interaction from me at all.
If I disable the Bitwarden plugin then I'm prompted to login after logging out.
-
I did a bit more testing.
@privsec are you using the Bitwarden browser extension?
Because further testing seems to suggest if that is enabled and I'm logged into it, then it somehow it magically logs into Listmonk without any interaction from me at all.
If I disable the Bitwarden plugin then I'm prompted to login after logging out.
-
@jdaviescoates I am/was
I cant reproduce it either.
Im not sure what and how this occurred, but once I used a lowercase username I was prompted to sign in on every attempt.
So... IDK
ヽ( 。 ヮ゚)ノ@privsec said in After updating password no credentials needed to login:
Im not sure what and how this occurred, but once I used a lowercase username I was prompted to sign in on every attempt.
Odd, because my username is lowercase too, and if I have Bitwarden enabled and logged in I am never prompted to login
