Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: RH-SSO-7.2.6.CR1, RH-SSO-7.2.6.GA
Affects Version/s: RH-SSO-7.2.4.GA
Component/s: Server
Labels:
- team-core

Epic Link:
KEYCLOAK-7613
Steps to Reproduce:
Hide

Login to admin console

Create realm "myRealm"

Create a new user and set credentials eg. test@123 from Credentials tab

Logout and try again to set the same credentials for the user mentioned above the browser proposes already set password.
Show
Login to admin console Create realm "myRealm" Create a new user and set credentials eg. test@123 from Credentials tab Logout and try again to set the same credentials for the user mentioned above the browser proposes already set password.

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

In the credentials-tab of user management the password fields are of type text i.e <input .... type="text".../> causing the browser to propose already used password.

This is critical from a security perspective.

To overcome this autocomplete must be set to off for New Password and Password Confirmation fields.

Assignee:: Stan Silvert

Reporter:: Saurabh Shriramwar (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2018/10/12 10:33 PM

Updated:: 2021/10/24 6:45 AM

Resolved:: 2019/01/31 3:10 PM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates