[Bug 1371048] Re: phone believed to enforce undocumented password policy

Oliver Grawert ogra at ubuntu.com
Thu Sep 18 10:36:38 UTC 2014


there is no "hard coding" it checks if the username and password are
identical ... in teh beginning of working on developer mode this helped
to force people to update their password and make sure dev-mode was
properly enabled (we used to set the password to match teh username in
former installs)

indeed this code needs to go ... password secuity needs to be managed
while the password is being set anyway

** Changed in: android-tools (Ubuntu)
       Status: New => Confirmed

** Changed in: android-tools (Ubuntu)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to android-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1371048

Title:
  phone believed to enforce undocumented password policy

Status in “android-tools” package in Ubuntu:
  Confirmed

Bug description:
  Per conversation on IRC with ogra.

  The phone will reject passwords which match the username.

  Fine and dandy, but isn't password security the responsibilty of other
  entities and code. Rejecting just this insecure password, hard-coded,
  seems a bit odd.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/android-tools/+bug/1371048/+subscriptions



More information about the foundations-bugs mailing list