Skip to content

bad (no) treatment of wrong password #241

New issue
New issue
Open
Open
bad (no) treatment of wrong password#241
@lmamane

Description

@lmamane
lmamane
opened on Jan 30, 2023

Steps to reproduce

  1. Setup a new account in the Android Nextcloud SMS app
  2. put a wrong password

Expected behaviour

On setup, an error message. Let the user save this account only on second explicit confirmation after the error message, something like "force save with wrong password?"

On sync, an error notification and exponential back-off of retries.

Actual behaviour

The Android Nextcloud SMS app hammers the server with failed logins and gets the IP address "that colour that shall not be named publicly or a lighter shade of it"-listed at the server.

Server configuration

Nextcloud version: 19.0.13

PHP version: 7.3.31

Webserver: Apache

HTTPS: yes

Client configuration

Android version: 13 (LineageOS 20)

Android device: OnePlus 9 Pro

Nextcloud SMS app version: 2.0.5

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions