This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Connect 1.1 MR1 :: Password with %

Hello,

 

Looks like authentication goes wrong with the Sophos Connect (1.1 MR1) client when there is a % in the password of the user.

If I avoid a % in the password then everything authenticates just fine!



This thread was automatically locked due to age.
Parents
  • Wow, nice find! This clearly ain't ready for production.

  • And that is the reason, we are using a Early Access Program for this product! :)

    __________________________________________________________________________________________________________________

  • Apologies, didn't meant to sound snarky. I get confused as the EAP (beta) Connect client is available for download within the 17.5 OS which is a production version. The MR-1 naming convention on this release further confused me as MRs are production updates when it comes to the OS.

    Eagerly anticipating the fully functional version as we're needing to make a VPN solution change sooner than later as the old SSL client never delivered. The separate prompt for OTP will be huge for us assuming the rest of the process, as far as users go, is straightforward.

    Appreciating your efforts to getting an easy-to-use and secure VPN solution going.

  • Unfortunately this is a common problem across the entirety of the Sophos XG scope that proper input sanitisation for data entry (and authentication) seems to be not a primary driver in development.

    I am not surprised that this issue occurred and has been a bugbear of mine since Copernicus and have raised multiple issues throughout the XGs lifetime regarding input character sanitisation.

Reply
  • Unfortunately this is a common problem across the entirety of the Sophos XG scope that proper input sanitisation for data entry (and authentication) seems to be not a primary driver in development.

    I am not surprised that this issue occurred and has been a bugbear of mine since Copernicus and have raised multiple issues throughout the XGs lifetime regarding input character sanitisation.

Children