Jump to content



Photo

Windows 8 RP Still has Password Flaw?

windows 8 release preview

  • Please log in to reply
15 replies to this topic

#1 zeroomegazx

zeroomegazx

    Neowinian

  • Joined: 15-March 05

Posted 01 June 2012 - 20:04

I know the Consumer Preview of Windows 8 had a 16 Character password limit which limited me from linking my hotmail account with my Logon. It appears this is still the issue. Is this an actual limitation now or still a bug MS overlooked? Anyone else seeing this as well?


#2 BajiRav

BajiRav

    Neowinian Senior

  • Joined: 15-July 04
  • Location: Xbox, where am I?
  • OS: Windows 8.1, Windows 8
  • Phone: Lumia 920

Posted 01 June 2012 - 20:06

I know the Consumer Preview of Windows 8 had a 16 Character password limit which limited me from linking my hotmail account with my Logon. It appears this is still the issue. Is this an actual limitation now or still a bug MS overlooked? Anyone else seeing this as well?

I'd hit that problem even before Windows 8. The Zune software has a similar limit and I had to reduce my password length to make it work.
I don't have that long password anymore to try it with RP. :/

#3 Javik

Javik

    Beware the tyrrany of those that wield power

  • Tech Issues Solved: 2
  • Joined: 21-May 12

Posted 01 June 2012 - 20:09

I know the Consumer Preview of Windows 8 had a 16 Character password limit which limited me from linking my hotmail account with my Logon. It appears this is still the issue. Is this an actual limitation now or still a bug MS overlooked? Anyone else seeing this as well?


Yep, I ran into this problem as well it wouldn't let me log back on until I changed my live password (and if your Windows 8 computer were to be your only Internet access the ramifications of this are potentially pretty serious)

#4 MiniMeSorinel

MiniMeSorinel

    I aim to misbehave.

  • Joined: 27-October 05
  • Location: Bucuresti, ROU
  • OS: Windows 8.1 Pro
  • Phone: Nokia Lumia 520

Posted 01 June 2012 - 20:11

I think it's a limitation with Hotmail/Windows Live. I have a 20 character password but I can log-in just fine with only 16 characters.

#5 Javik

Javik

    Beware the tyrrany of those that wield power

  • Tech Issues Solved: 2
  • Joined: 21-May 12

Posted 01 June 2012 - 20:12

I think it's a limitation with Hotmail/Windows Live. I have a 20 character password but I can log-in just fine with only 16 characters.


It shouldn't be, I never had that problem with messenger or hotmail, Windows 8 was the first time it rejected my login due to the length of my password.

#6 OP zeroomegazx

zeroomegazx

    Neowinian

  • Joined: 15-March 05

Posted 01 June 2012 - 20:19

I think it's a limitation with Hotmail/Windows Live. I have a 20 character password but I can log-in just fine with only 16 characters.


Yeah I can't log into my hotmail accoutn with only 16 chars of my password (just tested) MS had better fix this or secure password users are going to be screwed. Of note it should also WARN you when you try to link if you type in MORE than a 16 char password.

#7 +Phouchg

Phouchg

    Random Oracle

  • Tech Issues Solved: 9
  • Joined: 28-March 11
  • Location: Tannhäuser Gate
  • OS: V'Ger 6.1.7601 x64
  • Phone: SQNY D5503

Posted 01 June 2012 - 20:20

I generally do not care about Windows 8, but I will note that passphrase length (and sometimes character) limits are a great evil that should be universally despised and eradicated. I should be allowed to type a damn novel in Chinese in password fields if I want.

#8 +Audien

Audien

    Software Eng.

  • Joined: 30-December 03
  • Location: Seattle, WA
  • OS: Windows 8.1/Mac OSX
  • Phone: iPhone 5S

Posted 01 June 2012 - 20:24

Can you please clarify what the exact situation is? You can't create a Win8 account from a Microsoft Account when its password is longer than 16 characters? Or, only the first 16 characters of the password are checked when logging in via Windows 8 via MSFT Account?

I think it's a limitation with Hotmail/Windows Live. I have a 20 character password but I can log-in just fine with only 16 characters.


That might be the case. Seems as though there are a lot of mentions about it on the net.

#9 OP zeroomegazx

zeroomegazx

    Neowinian

  • Joined: 15-March 05

Posted 01 June 2012 - 21:36

Can you please clarify what the exact situation is? You can't create a Win8 account from a Microsoft Account when its password is longer than 16 characters? Or, only the first 16 characters of the password are checked when logging in via Windows 8 via MSFT Account?



That might be the case. Seems as though there are a lot of mentions about it on the net.


Issue:
When creating a Microsoft account and linking it with a LIVE or HOTMAIL account it lets you register said account with a password longer than 16 characters, however upon reboot when you go to enter in your password it only takes 16 characters max of your password thus not authenticating with LIVE and locking you out of your account on the computer.

This can also be seen if you create a LOCAL account and try to sign into the App Store with a LIVE or HOTMAIL account with a password longer than 16 characters.

*this was also present in the Consumer Preview.

#10 +Audien

Audien

    Software Eng.

  • Joined: 30-December 03
  • Location: Seattle, WA
  • OS: Windows 8.1/Mac OSX
  • Phone: iPhone 5S

Posted 01 June 2012 - 21:39

Issue:
When creating a Microsoft account and linking it with a LIVE or HOTMAIL account it lets you register said account with a password longer than 16 characters, however upon reboot when you go to enter in your password it only takes 16 characters max of your password thus not authenticating with LIVE and locking you out of your account on the computer.

This can also be seen if you create a LOCAL account and try to sign into the App Store with a LIVE or HOTMAIL account with a password longer than 16 characters.

*this was also present in the Consumer Preview.


So the password field is capped at 16 characters or characters beyond that seem to be ignored? To be perfectly clear.

#11 OP zeroomegazx

zeroomegazx

    Neowinian

  • Joined: 15-March 05

Posted 01 June 2012 - 21:44

So the password field is capped at 16 characters or characters beyond that seem to be ignored? To be perfectly clear.


The password field allows more characters to be entered but it is only picking up the first 16, from what I have encountered anyways. I think that is why it was so hard to identify. Also I have repeated this on multiple computers and hotmail accounts.

It was an acknowledged but by MS, odd they didnt fix it.

#12 +Audien

Audien

    Software Eng.

  • Joined: 30-December 03
  • Location: Seattle, WA
  • OS: Windows 8.1/Mac OSX
  • Phone: iPhone 5S

Posted 01 June 2012 - 21:46

The password field allows more characters to be entered but it is only picking up the first 16, from what I have encountered anyways. I think that is why it was so hard to identify. Also I have repeated this on multiple computers and hotmail accounts.

It was an acknowledged but by MS, odd they didnt fix it.


Hrm odd. I've never tried it but can Windows 7 handle passwords longer than 16 characters or has this been some limit that's been around for a while?

#13 OP zeroomegazx

zeroomegazx

    Neowinian

  • Joined: 15-March 05

Posted 01 June 2012 - 21:47

Hrm odd. I've never tried it but can Windows 7 handle passwords longer than 16 characters or has this been some limit that's been around for a while?


Windows 7 and Windows 8 Can handle passwords longer than 16 characters, it seems to be only a limit when linking to a MS account (live/hotmail)

#14 Javik

Javik

    Beware the tyrrany of those that wield power

  • Tech Issues Solved: 2
  • Joined: 21-May 12

Posted 01 June 2012 - 21:49

Can you please clarify what the exact situation is? You can't create a Win8 account from a Microsoft Account when its password is longer than 16 characters? Or, only the first 16 characters of the password are checked when logging in via Windows 8 via MSFT Account?



That might be the case. Seems as though there are a lot of mentions about it on the net.


You can create an account, and your first login will work, but after that if you log off or restart you'll be unable to log in again, it'll just keep giving you a "wrong password" message.

#15 KibosJ

KibosJ

    Neowinian

  • Tech Issues Solved: 1
  • Joined: 27-January 09
  • Location: Darlington, United Kingdom
  • OS: Windows 8.1 Pro x64
  • Phone: Samsung Galaxy S4 (GT-I9505)

Posted 01 June 2012 - 21:50

Hrm odd. I've never tried it but can Windows 7 handle passwords longer than 16 characters or has this been some limit that's been around for a while?


Windows 7 can handle more than 16 characters, this is a Microsoft Account/Microsoft Live Limitation, it has been around for years and NEVER fixed.