Stuck password with 2.0.19993
-
I did this. The old password didn't pop up. Looked promising. Closed down the client and started it again. And there it is. Same as with Jim. Didn't work, sorry.
-
@Jim-Parker Can you test this scenario for me?
- Clear out the password manually again.
- Start the Game and Set the password
- Copy the saved encrypted password somewhere
- Restart the Game
- Check if the encrypted password stored changed.
My suspicion is that we might have an error in the decryption algorithm on Linux systems
-
@RoiEX said in Stuck password with 2.0.19993:
My suspicion is that we might have an error in the decryption algorithm on Linux systems
I use Windows.
-
@RoiEX
Ok, I tried the test you provided and got weird results...My AAA forum password was magically repopulated the first time as described before. But when I cleared it again and restarted the game, my username repopulated the field, but the password was blank. That's strange, but more interesting was the password hashes in the prefs.xml
the first time through I had a A&A and TripleA forum username and password. The second time
The A&A username and password were different from first time. The TripleA username was identical, but no password entry existed, which seems to indicate the dialog is pulling data from TripleA to fill A&A forum info.Actual hashes below:
First time hashes
<entry key="A&A_FORUM_PASSWORD" value="[redacted]Eg==.Ky/owSzgty5nCkT03Y0TgA=="/> <entry key="A&A_FORUM_USERNAME" value="[redacted]Rg==.Q0aH/UCxk8PmFr4YVwoCiA=="/> <entry key="TRIPLEA_FORUM_PASSWORD" value="[redacted]kw==.rZYIYfRTCuz50R8RB0uYhw=="/> <entry key="TRIPLEA_FORUM_USERNAME" value="[redacted]lA==.vggx546emjUyX3EzfVJrVA=="/>Second time hash:
<entry key="A&A_FORUM_PASSWORD" value="[redacted]Uw==.xFgiuzMUo13j3CE9Z3m1PQ=="/> <entry key="A&A_FORUM_USERNAME" value="[redacted]ZA==.LduQLFVWk9UyngFBJIl7nQ=="/> <entry key="TRIPLEA_FORUM_USERNAME" value="[redacted]lA==.vggx546emjUyX3EzfVJrVA=="/> -
I've installed 2.0.20036. No change.
-
Has this been resolved? I am getting notifications about similar errors on A&A .org.
https://www.axisandallies.org/forums/topic/35443/password-error-with-2-0
-
I haven't looked into it so far, but it sure looks like this is a common issue, so definitely worth creating a github issue
-
-
So I did some digging and I have identified a potential error source.
@Jim-Parker Could you check
.userPrefs/games/strategy/security/prefs.xmlfor me and check if that changes as well?
If it does this would already explain a lot, but not everything. If it doesn't I'll have to check elsewhere.
Do NOT post the contents of this file here, it contains the password used to encrypt the passwords. Also I redacted them in your previous post, just to feel a little bit safer. -
@RoiEX Nope. ./security/prefs.xml did not change.
-
@RoiEX Thanks for fixing my naive post of passwords.
-
Ok, next set of questions:
.userPrefs/games/strategy/security/prefs.xmlhas a fixed property calledDEFAULT_CREDENTIAL_MANAGER_MASTER_PASSWORDright? I just want to make sure it actually saves the key it encrypts the passwords with.When you're just looking at your engine preferences: The username you configured along with the password. Does it change as well? Or is it the same username you entered in the first place?
If it does indeed change: When does it change? After closing and reopening the game/window/tab, something else?
-
Thanks for fixing my naive post of passwords.
If that helps: I'm "currently working" (read as "I should finish this little project soon but haven't proceeded so far") on a small change to the system so we no longer store real passwords, just encrypted Login Tokens that can be revoked and re-created at any time.
I doubt that this planned change will fix the issue you're currently experiencing, but if all attempts to nail the problem down fail that would be an option as well.
-
Yes. security/prefs.xml does have a property
DEFAULT_CREDENTIAL_MANAGER_MASTER_PASSWORD.If I open engine preferences, I see my username and -- a 10-character password!! However, whenever I open a game it loads my username and an 8-character password...
If I load a game, and then post and quit. I still see my username in the Engine preferences, and a 10-character password. HTH. -
The 8 character password on the UI is a dummy value, the back-end still has your original password. The problem is that there is a case where the front-end sends the dummy password to the back-end which is only supposed to happen when you are actually typing a legitimate password. The backend then dutifully stores the dummy password value.
This update fixes the problem: https://github.com/triplea-game/triplea/pull/6864
-
@LaFayette Yea!!! That works! Thank you.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login