password bug

I have found a bug that may indicate something's wrong with the function used to check passwords. In other words I have found that I can login to my account with an inaccurate password under some circumstances. I don't think I should give details here but want to bring it to dev's attention. I have sent a private message to niviene about the details.

So why this thread? want to see if anyone else has noticed similar issues? Ever mistype your password and be let to login anyway?

I just purposely tried adding "\" or other characters to the end of it. I tried adding a space at the beginning or the middle of it. It doesn't even let me in if I capitalize something.

I have not found any case where it lets me in without my specific and exact password.

this is not true of passwords but is true with loggin names. you can screw up your loggin name to a point and it will still log you into the game. i know because this happened to me about 2 weeks ago. i switched 2 letters around by mistake and it still let me in. if it is happening with the password, then do a complete cleaning and scan of your system and get rid of anything that may be affecting it and change your password after.

Sharker - you may be on to something with this also being able to happen with a change in the login name rather than the password.

But, I have made sure it is on the server, not my computer.

Here's how:

Using the same alternate password that I found by accident, I was able to login to my account from a relative's computer (who also plays CoH so they had it installed). And I was even able to login using either the real or alternate passwords to the message boards now that it uses the same password setup.

So it is not anything on my system causing this. It is a server side issue.

If Sharker was able to mistype a login name and get the same result, that might be important.. or maybe not. I can't tell from here. I just hope the devs/community people look into this.

bug still exists, no one has contacted me

then you have to verify files. if it still does it, then uninstall the game and reinstall it. i also don't care that it says you should turn off your virus/spyware protection while installing. DO NOT do this. you will most likely end up with a lot of bad stuff on your comp that you do not want.

there is no possible way if all the files are correct for CoX that you should be able to log in with a different/slightly modified password. the only way to log into the game with a different password is if you went to your master account and changed the game password.

Is the password abnormally long? 16 or 32 characters? On some operating systems passwords more than a certain number of characters long will silently ignore anything after the nth character. Now my password is 10 characters long and I know if I add characters to the end of that it doesn't make a difference but I guess it's possible this is what's hapenning.

I've had problems it telling me its the wrong password when i tried to access it when i know for the fact that its the right one. I got to the point that the game telling me please contact support. But i just exited out the game and reloaded and tried again and it worked eventually, but it was really annoying.

Fitzsimmons, my password is not abnormally long. No longer than your 10 character one. Now your situation where you can add an 11th character and it still lets you login is a problem similar to mine - is that the case with any program in your OS or is it specific to CoH?

Tempstra, your problem might be your capslock key. I'm more worried about a wrong password that always works, than I would be about a correct one occasionally failing...

Flare, I had a similar problem to you. It allowed a 1 character variation in my password. It was fixed eventually though without me doing anything.

i remember, a while back, that Houtex had found something that sounds very similar to this. i'll try to find it..but it was a LONG time ago. :-(

something about adding certain digits to the end of the password...or some such...can't remember.

It sounds like this is a persistent long time bug. And that no one wants to respond about it. Sweeping it under the rug is not going to help

did you open a ticket with support?

"Sorry bucko, but CoH and CoV are the same game." -BackAlleyBrawler
"Silly villain, CoX is for Heroes!" -Saicho

Yes, I entered a bug report and also a support ticket about this. I did those before starting this thread in fact.

However, the repro steps are problematic. To give them, I'd have to give my password. I think that this might be a bad idea. I was waiting for them to say whether or not I should.

I tried to (and failed to) make a support account, so I am not sure how to follow up on the support ticket. The email that was supposed to create my support account never arrived, and I did check that my email is set correctly in my plaync master account also. So at that point I was not sure what else I could do.

This is not the sort of bug you can make a simple repro for. It may be that only certain combinations of username and password have the erroneous mutliple acceptable codes. I'd have to be employed there and able to make a bunch of different usernames and passwords and try them out, preferably scripted. If I try doing that as a user it is a huge security issue! i don't think I should.

Basically this is something important that should be a priority to fix but not something a player can give that much help with.