HDAConnect password authentication only looks at first 8 characters
I am using HDA Connect GUI v 3.2 for windows. While logging into my HDA from work I entered a wrong character at the end of my 10 character password, but I was granted access. I tried again (and agian and again and again, etc) and I found that as long as the first 8 characters of my password were correct, I would be allowed in. I could have trailing characters way over my 10 character password and still get in. If anything in the first 8 characters is wrong, I am disallowed access, as expected.
The point is, this application only verifies the accuracy of the first 8 characters of the password. The rest is assumed accurate.
This seems like a GROSS oversight on the security of my internet facing device here.... Can this get patched? Quickly!
Also available in: Atom