On 02/19/2020 01:28 AM, Roger Oberholtzer wrote:
I have a very unusual situation. I am trying to log in to a web site (https://www.zf-laser.com if you are curious) from either Firefox (72.0.2) or Chrome (79.0.3945.130) on Tumbleweed.
I enter the password, but it is not accepted. Both browsers change the password I have entered into a long string that starts with "rsa:". I am guessing this is what they send. And, when Firefox offers to keep the password, I see that it is this same altered string, not the one I entered.
I can log in to other sites (e.g. OBS). But not this one. I have no idea what is happening. Especially since both browsers do the same thing.
Any ideas? A Google search did not seem to me to show anything related to this. Just stuff generally about RSA and passwords in browsers.
What Firefox (and chrome) are doing is just plain-old normal password hashing. You never store the plain password, instead a hash of the password is stored. When you enter a password to login, what you enter is hashed and then compare against the stored hash (prevent somebody making off with your passwords if they steal your passwords file, etc... -- normal cryptographic operation) The real question is why does this one site not accept what you are typing in while other sites work fine? The initial first thought is that site is broken -- so no matter what browser you use -- it doesn't work. That would seem to me to be the simplest explanation... -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org