Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Password fails and captcha image can't be read


Jack_mcs

Recommended Posts

@osCommerce-OfficialI tried logging into my customer account after converting the V2 database. A message was displayed saying the password was not correct and had to be reset. I click the password forgotten but could not get past the captcha image. On each the message was that it was incorrect. My questions are:

1 - Why do I have to reset the password? If it is just a compatibility issue and the password will stay the same then I guess that is OK. But if all of the customers have to change their passwords that seems a needless bother to them,. Is there a way to prevent this?

2 - There's no way to change the captcha image without reloading the page in the browser. And even then the challenge doesn't always change. It took me seven tries, and about 12 reloads, to find a image that I could decipher. This is going to make a lot of customers angry. Can you, at least, add a refresh button to change the challenge? Spacing the characters in the challenge would be better.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

@osCommerce-OfficialAny idea on when this will be addressesd? I can get the reset email now but still can't login after changing the password, I gave up on guessing at the captcha characters after 15 tries.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

On 8/13/2022 at 9:21 PM, Jack_mcs said:

1 - Why do I have to reset the password? If it is just a compatibility issue and the password will stay the same then I guess that is OK. But if all of the customers have to change their passwords that seems a needless bother to them,. Is there a way to prevent this?

It is impossible to save previous passwords because they were not stored at all and because the security model was fundamentally changed to meet modern security standards.

Link to comment
Share on other sites

@Jack_mcs Please try to use Google's ReCaptcha

You can find the setting in Settings / Configuration / MyStore   - search for "Preferred use ReCaptcha" and set it to TRUE.

Then go to Settings / Google Settings and enter Re-captchs key there. We suggest v2 version of ReCaptcha 

Link to comment
Share on other sites

Hi Jack,

On 8/13/2022 at 9:21 PM, Jack_mcs said:

1 - Why do I have to reset the password? If it is just a compatibility issue and the password will stay the same then I guess that is OK. But if all of the customers have to change their passwords that seems a needless bother to them,. Is there a way to prevent this?

Passwords are encrypted using a one-way encryption mechanism. It's not possible to recover the actual password text.

In the latest version, the password encryption method has been updated to meet the latest security standards of modern data protection.

Thus, we can't decrypt old passwords to re-encrypt them, nor we can use passwords encrypted with old algorithms.

I know that many would like to avoid this step, but this is The Way...

 

On 8/13/2022 at 9:21 PM, Jack_mcs said:

2 - There's no way to change the captcha image without reloading the page in the browser. And even then the challenge doesn't always change. It took me seven tries, and about 12 reloads, to find a image that I could decipher. This is going to make a lot of customers angry. Can you, at least, add a refresh button to change the challenge? Spacing the characters in the challenge would be better.

After the captcha image is generated, it's available to you for a while, so yes, it's possible that you will see the same captcha after refreshing the page if there was no input attempt.

I assure you that we spent a lot of time trying to find a balance in captcha distortion between "my 90-yo grandma will guess" and "God Damn you, Cypher!.."

Maybe try switching to Google reCaptcha?

You can enable it in "Settings" -> "Configuration" -> "My store", find "Preferred use ReCaptcha", select it, click "Edit" and change it to "True", then "Save".

You'll then need to configure Google reCaptcha in "Settings" -> "Google Settings".

Hope I've been helpful.

Thank you!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...