Results 1 to 9 of 9
  1. #1
    Join Date
    Dec 2005
    Location
    Cincinnati Ohio
    Posts
    1,030
    Plugin Contributions
    13

    Default Manual Install (Password Entry) Error - Bug?

    Second Install did not go so well. During the install process of the Admin Password it throws out the "Password" not secure enough error

    Password not secure enough. Requires letters and numbers, and at least 7 characters. more info...
    Tried many different types of passwords for testing and the server stats go along with the details.

    Admin User: Beta1502011

    Passwords Used:
    (Note) These are randomly generated not actual passwords

    ds[.]K*nt4wz
    Z]Mb8o^JRslh
    x39A2pTP[wdU
    123..Beta__Test
    crackle..snap__Pop
    Shank__Da_Mention.123

    Screenshot Attached

    Server Stats:
    Server IP: xx.xxx.xx.xxx
    PHP: 5.2.17 and 5.3.6 (Both Versions Failed) {Two Servers}
    MySql: 5.0.92-community
    cPanel Version: 11.30.1-STABLE_99999
    Apache version: 2.2.19

    Status: New Install No Upgrade
    Attached Images Attached Images  
    Last edited by knuckle-101; 27 Jul 2011 at 02:17 AM.
    PCI Certified Web Hosting - ControlScan, Security Metrics (Platinum Partner), McAfee, TrustKeeper
    Business Class Web Hosting - Linux and cPanel Powered

  2. #2
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Manual Install (Password Entry) Error - Bug?

    It seems it's disliking the symbols you're using.
    If you choose literally only letters/numbers it should work.
    We'll investigate for allowing symbols as well in the final release.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  3. #3
    Join Date
    Dec 2005
    Location
    Cincinnati Ohio
    Posts
    1,030
    Plugin Contributions
    13

    Default Re: Manual Install (Password Entry) Error - Bug?

    Thanks..

    I noticed that letters and numbers only worked in the first install but not the second, reason I brought it to attention is because depending on the PCI kit some merchants have for their users they do recommend crazy symbols and some points I seen processors require it which I thought was bizarre but least you know about it..
    PCI Certified Web Hosting - ControlScan, Security Metrics (Platinum Partner), McAfee, TrustKeeper
    Business Class Web Hosting - Linux and cPanel Powered

  4. #4
    Join Date
    Aug 2005
    Location
    Arizona
    Posts
    27,761
    Plugin Contributions
    9

    Default Re: Manual Install (Password Entry) Error - Bug?

    PCI kit some merchants have for their users they do recommend crazy symbols and some points I seen processors require it
    How would they know what password you have???
    Zen-Venom Get Bitten

  5. #5
    Join Date
    Dec 2005
    Location
    Cincinnati Ohio
    Posts
    1,030
    Plugin Contributions
    13

    Default Re: Manual Install (Password Entry) Error - Bug?

    Quote Originally Posted by kobra View Post
    How would they know what password you have???
    They do not know unless the business owner tells them. I was personally on conference with two customers which will be a "unspoken" processor asked them what password they were using so the bizarre part comes in the lady on the PCI Compliance team of that processor says we require letters, numbers and symbols to pass PCI compliance "Okay" was my exact words of course laughing internally to void showing he customer disrespect

    But the point of the attention brought up was this if a new store owner knows nothing about it {PCI} they may take it to heart and literally try to put the password types I posted above so it comes down to this they say I am using a software that will not allow me to do this and the processor support member says simply "Change Software" that will and if this is done this takes away the support of ZenCart. To me it was a good point not a war starting statement

    Adding to this paragraph.. Obviously the processor support team has minimal training hence knows nothing about what their kits really do other then what a manual tells them. All basic self questionnaires about 50 pages long..
    Last edited by knuckle-101; 27 Jul 2011 at 05:19 AM.
    PCI Certified Web Hosting - ControlScan, Security Metrics (Platinum Partner), McAfee, TrustKeeper
    Business Class Web Hosting - Linux and cPanel Powered

  6. #6
    Join Date
    Aug 2005
    Location
    Arizona
    Posts
    27,761
    Plugin Contributions
    9

    Default Re: Manual Install (Password Entry) Error - Bug?

    point taken and valid

    BUT no one should ever reveal their password not even to a metrics outfit
    Zen-Venom Get Bitten

  7. #7
    Join Date
    Dec 2005
    Location
    Cincinnati Ohio
    Posts
    1,030
    Plugin Contributions
    13

    Default Re: Manual Install (Password Entry) Error - Bug?

    Quote Originally Posted by kobra View Post
    point taken and valid

    BUT no one should ever reveal their password not even to a metrics outfit
    Agreed. I always stress that to the customers who ask me those same exact questions. NEVER NEVER not even your child if it can be avoided. We take security seriously and we do all we can to support this software and I like making strong points at times. If I had my way no other OS would even be existent today, just build ZenCart stronger and forget the rest... Just my two cents.. But coffee is like .99 now
    PCI Certified Web Hosting - ControlScan, Security Metrics (Platinum Partner), McAfee, TrustKeeper
    Business Class Web Hosting - Linux and cPanel Powered

  8. #8
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Manual Install (Password Entry) Error - Bug?

    Fixed in newly posted zip.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  9. #9
    Join Date
    Dec 2005
    Location
    Cincinnati Ohio
    Posts
    1,030
    Plugin Contributions
    13

    Default Re: Manual Install (Password Entry) Error - Bug?

    Confirmed using generated password

    Code:
    ]!x0~2o~=d@P
    good deal...
    PCI Certified Web Hosting - ControlScan, Security Metrics (Platinum Partner), McAfee, TrustKeeper
    Business Class Web Hosting - Linux and cPanel Powered

 

 

Similar Threads

  1. Manual Order Entry?
    By eyespike1 in forum General Questions
    Replies: 1
    Last Post: 28 Nov 2011, 12:22 PM
  2. Manual Order Entry
    By mthem2003 in forum General Questions
    Replies: 1
    Last Post: 25 Jul 2008, 04:25 PM
  3. Manual Order Entry
    By e-hol.co.uk in forum General Questions
    Replies: 3
    Last Post: 25 Jul 2006, 10:54 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR