Giters

open-eid / chrome-token-signing

DEPRECATED Chrome and Firefox extension for signing with your eID on the web

Home Page:https://github.com/open-eid/chrome-token-signing/wiki

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Password Restriction in Mac OSX

kurtuluso opened this issue · comments

commented

Thank you very much for the safari extension, it is a rule changer in this platform.

The issue is, the password input screen enforces min 8 characters in any way. I have SafeNet token and software. You know the minimum password can be set in the SafeNet application but it does not work for our token signing screen.

Tokens are generally provided with 6 numbers. At least we can set it to 6. This is what I did for making it work:

ilerian@bf5d5cf

Please consider at least making the minimum as 6. I can open a pull request for the above change.

Cheers

commented

Maybe we can add some workaround with SafeNet drivers?
Verify if the driver name etc and macOS then alter the minimal size?

commented

I think this is not about a workaround.
The extension opens card manager tool when available. Until now, I've seen ACS and SafeNet Card manager tool dialog for entering the pin in WINDOWS. (I remember once in Mac but I do not know in which condition).

In Mac, when there is no card manager found, PinDialog.mm opens. Yes, I have SafeNet tool in mac but I can not see its dialog.
In this case, it enforces 8 characters. It should be somehow hardcoded because I've set it as 4 in SafeNet card manager.

Please fix If I'm wrong; I assume that

  1. MinPin Length is controlled by card manager tool.
  2. PinDialog opens when the token is not controlled by a card manager.

Then in PinDialog, there is no need to have >6 digit restriction by default, we can set it as 6.

I could not find a clue this case is related with SafeNet driver case.

commented

I was thinking on this case and maybe we can use SafeNet UI for this purpose.
When I read Safenet documentation C_Login with null parameters should show Safenet own PIN UI prompt.
Is this acceptable solution?

commented

I think so. These are the cases:

  1. No card manager: What will happen? What is the default?
  2. A supported card manager (Safenet): Let's check it. If you have a branch, I can try to run it.
  3. Unsupported card manager: A default is needed
commented

Thank you for the feedback.
I will close this issue since the active development and management of the Token Signing component has ended due to the transition to the new web authentication and signing solution (Web eID).
We are happy to accept your proposals in the new Web eID project repository: https://github.com/web-eid.