Today we came accross the issue with multiple live users, that Connect client deployed with pro file, does not work when the user has a password beginning with #
Like with space/blank known not working. https://community.sophos.com/sophos-xg-firewall/f/discussions/129828/sophos-connect-client-2-1-20-0309---password-with-spaces-in-it-fails-login
When deployed with the pro file, the client can connect to the userportal and it downloads the protected file. Can see the change in file size and in the XG log file that the user logged in to userportal.
But after it connects to the firewall, it never get's there. Just does nothing while showing "authenticating"
May I know if there is a list of password characters and combinations not working?
I could lough at it if it was'nt so serious. What a joke of a program.
@emmosophos you say that the issue is resolved in version 2.2, yet the current active version on the website (https://www.sophos.com/en-us/support/downloads/utm-downloads) is still 2.1.20 for Windows.…
case 04985897
Hello LHerzog,
This issue is being investigated under NCL-1256 and it fails only when the first character is #.
Fixed on Sophos Connect 2.2
Let me ask internally if there’s some combination of passwords known to not work but as far as I know it was only # and spaces on the password.
Regards,
Thanks for reporting the NC ID. Isn't this publicy available?
just found this recent KB from Sophos. Created last week:
Sophos: A Guide to Strong Passwords
https://support.sophos.com/support/s/article/KB-000037106?language=en_US&c__displayLanguage=en_US
some highlights linked to Connect Client:
Always check the application to see the minimum and maximum characters that are required, what special characters are allowed and how many numbers or digits must be used. Most programs will outline the password requirements below the password creation window or in the online help. -> no documentation and no help exist
Good passwords: are a phrase and not a single word. For example: Oh my, 1 stubbed my toe!-> what was it about the space issue?
This isn’t part of the KIL.
The issue with the use of spaces is fixed on 2.2,in the meant time you could use symbols instead#of.spaces!
Have you received an answer about known character combinations causing issues?
I ask because we're having an other live User issue caused by Connect Client beeing unable to handle secure passwords:
if the AD user password contains #? in the password like Abc#?123 it fails to authenticate the user against the firewall.
I haven't heard back but thank you for the reminder. I will add your comment about the AD user password as well.
emmosophos what's about the unsupported password character list? I can understand that Sophos doesn't want to admit such a blamage. But then please tell us that it's confidential.
In the meantime it just came up today, that \ backslash is unsupported by Connect Client SSL VPN. This hit one of our CEO and I he is not happy with it to be polite.
Thank for the reminder, I forgot to follow up, I thought I posted about this but the backslash is investigated under NCL-1372 and only affects SSL.
So the ones confirmed are \, #, spaces, and a specific combination of #%, which I wasn’t able to reproduce on the passwords I used for testing.
thanks. do you think that we have all now?
#% - I did not mention that - it is #?