Do you like what you see?

← Mailgun Dashboard

Validation on the SMTP password box

Recently, I setup an SMTP account. I used a strong password generator. That password had special characters in it. When I went to use it, I got a very generic message that said Mail Gun does not love my credentials. The could be solved one of two ways. 1) Preferred - Have validation on the SMTP box when you create the credentials to not allow for special characters and a message to that effect if some are used. This would stave off this situation right at the beginning. 2) Not preferred but workable - Change the error message that comes back to say "You have special characters in your password and that is a no-no." I really like 1) the best. Thanks for listening.

4 votes
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

scott shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • J. commented  ·   ·  Flag as inappropriate

    Actually, neither of these solutions is acceptable. The correct solution is:
    3) Accept all printing ASCII and Unicode chatacters (including spaces) in the password. See NIST Special Publication 800-63B, Section 5.1.1.2 and Appendix A (https://doi.org/10.6028/NIST.SP.800-63b).

    Barring that, 4) All password restrictions should be well documented in documents, help text, and error messages. A password should NEVER be accepted in setup and then rejected in use.

    I spent two hours beating my head against this wall until I finally found this post.

Mailgun Dashboard: Control Panel/Dashboard

Categories

Feedback and Knowledge Base

(thinking…)