bankingright

UserAuthenticationCallback and weak password

0 votes

In our Android application, we enabled the UserAuthenticationCallback.


Now, we want the Orchestrator SDK to be able to do the WEAK PASSWORD check.
By default, it is not checking that in the SDK, but it starts sending out the ActivationStepComplete calls, whicih is not what we want to do if there is a weak password! Also this fails when trying to attempt a correct Password after the weak password error ;( 

In the documentation it states this for the UserAuthenticationCallback:

7. (OPTIONAL) The Orchestration SDK validates the provided input. For example
the password should respect the weak password rules of Digipass SDK.

So that means it is optional, but shuold be possible to enable that (hopefully).
Only i don't see any way on how to enable this check! Who can help me out here?

Best regards,

Mark Seinen


Reply to: UserAuthenticationCallback and weak password

0 votes

Hi Mark,

Could you please share the exception details? Did this happen will using the Sandbox environment? 

 

Thank you, 

Hakim


Reply to: UserAuthenticationCallback and weak password

0 votes

Weak passwords can be guessable or attacker can bruteforce if the length of the password is very small, so try to use random strings with special characters. Though that can be hard to remember as a security point of view it's quite secure. Strong password is also needed to be stored properly.

Wendy’s Survey

Reply to: UserAuthenticationCallback and weak password

0 votes

Although most websites today offer extra security protection, anyone who retrieves or guesses TellSubway your password can easily bypass other security measures that most sites have in place.


Reply to: UserAuthenticationCallback and weak password

0 votes

99 Restaurants want your few valuable minutes to know more about your satisfaction level and their customer service. Therefore they arranged Bertucci’s Opinion Survey on the official website www.My99experience.com.If you recently visited 99 Restaurants Locations share your experience that will help to make improvements and changes in the weak segments according to your suggestions and advice.

99 Restaurants want your few valuable minutes to know more about your satisfaction level and their customer service. Therefore they arranged Bertucci’s Opinion Survey on the official website www.My99experience.com.If you recently visited 99 Restaurants Locations share your experience that will help to make improvements and changes in the weak segments according to your suggestions and advice.


Reply to: UserAuthenticationCallback and weak password

0 votes

I faced similar kind of issue last time, I am still searching for some proper solution.

 

stopelon


Reply to: UserAuthenticationCallback and weak password

0 votes

Thanks for sharing.I found a lot of interesting information here. A really good post, very thankful and hopeful that you will write many more posts like this one.

 

MyBalanceNow


Reply to: UserAuthenticationCallback and weak password

0 votes

The most prevalent and most easily administered authentication mechanism is a static password. The password represents the keys to the kingdom, but is often subverted by users in the name of usability. In each of the recent high profile hacks that have revealed user credentials, it is lamented that most common passwords are still: 123456, password and qwerty.

 

jcpassociates


Reply to: UserAuthenticationCallback and weak password

0 votes

Thanks for sharing.I found a lot of interesting information here. A really good post, very thankful and hopeful that you will write many more posts like this one.

 

Advanced MD
 


Reply to: UserAuthenticationCallback and weak password

0 votes

Using strong passwords lowers overall risk of a security breach, ... Why do people choose a weak password when they know better?

 

DGCustomerFirst Survey


Reply to: UserAuthenticationCallback and weak password

0 votes

I faced similar kind of issue last time, I am still searching for some proper solution Same issue still no fix to this. myaarpmedicare.com
 


Reply to: UserAuthenticationCallback and weak password

0 votes

 

A weak password is short, common, a system default, or something that could be rapidly guessed by executing a brute force attack using a subset of all possible passwords, such as words in the dictionary, proper names, words based on the user name or common variations on these themes.

Lite Blue
 


Reply to: UserAuthenticationCallback and weak password

0 votes

Did you have a fix on this issue? Facing same issue but no response from anyone.

 

My Balance Now


Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off