Silk Road forums

Support => Feature requests => Topic started by: mseller on July 17, 2011, 08:24 pm

Title: Login page
Post by: mseller on July 17, 2011, 08:24 pm
I have notice something on login.
If you put wrong user or wrong password there is reply (error message) explaining particular problem.
I think that only if somebody type wrong captcha there should be message "wrong captcha".
But not messages informing potential hacker what is going on..
Example.
If user "xxxx" exist but he typed wrong password, SR page would say; wrong password. That is not good.
Regardless does user exist and/or password error, there should be unique error message something like; "Wrong user or password"
Title: Re: Login page
Post by: btcfreedom on July 18, 2011, 08:16 pm
@mseller excellent point there. I'd msg the admins through the Market rather than here, or both. It's a topic they'll want to discuss and probably fix

+1