Menu
What's new
By:
Filters Better Search

Latest update broke password manager support

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

user41095

user41095

New Around Here
Hey there,

The latest Aususwrt update has broken the router login interface. I am unable to use password manager keepass to handle any logins. Furthermore it is impossible to copy and paste into the password field and when your password looks like 9oafvvucxW38Y3xUrnPH this becomes annoying.

Please revert to previous login window. This attempt at security creates a vulnerability.
 
user41095 said:
Hey there,

The latest Aususwrt update has broken the router login interface. I am unable to use password manager keepass to handle any logins. Furthermore it is impossible to copy and paste into the password field and when your password looks like 9oafvvucxW38Y3xUrnPH this becomes annoying.

Please revert to previous login window. This attempt at security creates a vulnerability.
Click to expand...

The copy'n'paste issue is already known.....and discussed in several threads:

http://www.snbforums.com/threads/bu...rd-on-login-page-in-378-55.26058/#post-194272

P.S. Pretty bold statement by you, i.e. not sure how this move to a token based authentication method 'creates a vulnerability'?

Several posts also indicate keepass does work - search the forum

e.g. enable a keepass feature

http://www.snbforums.com/threads/asuswrt-merlin-378-55-is-now-available.25874/page-14#post-194790
 
Last edited:
I did some poking around, the problem is caused by "onpaste="return false;" noscript"

The solution, for Firefox, is to use "disable clipboard manipulations" addon - https://addons.mozilla.org/en-US/firefox/addon/nocopypaste/

Martineau said:
P.S. Pretty bold statement by you, i.e. not sure how this move to a token based authentication method 'creates a vulnerability'?
Click to expand...

Without the workaround the issue may drive the user to create a simpler, easier to remember, password. It causes the user to type out the password manually, this makes it susceptible to keyloggers. It causes the user to view the password, if retyping it from a database, which makes it visible to anyone looking over the shoulder or through a remote connection.
 
Like suggested, use the auto type feature of Keepass. Its even safer than copy paste anyway.

I believe Merlin already said that he might remove the onpaste restriction in the next release.
 
You must log in or register to reply here.

Similar threads

Viktor Jaep
VPNMON VPNMON-R2 v2.0 -Jul 10, 2022- Monitor your VPN connection's Health (Thread locked/closed)
23 24 25
Replies
499
Views
57K
Viktor Jaep
Viktor Jaep
TeHashX
Tutorial pyLoad Download Manager through Optware
5 6 7
Replies
129
Views
87K
akbor
A
Similar threads
Thread starter Title Forum Replies Date
N FW Update Issue from 386.3_2 to latest on ASUS RT-AX88U Asuswrt-Merlin 10
M RT-AC86U Errors after latest firmware update (386.14) Asuswrt-Merlin 3
grinna Update to the latest AC68P firmware Asuswrt-Merlin 1
Z AX86U no longer boots if usb is connected after latest update 3004.388.7 Asuswrt-Merlin 3
D L2TP client on ax88U pro running latest merlin firmware how to add device Asuswrt-Merlin 0
N WiFi issues with latest version 388.8_2 on ASUS RT-AX88U Asuswrt-Merlin 7
sthornington Latest (Oct 2024) "best" recommended router for Merlin? Asuswrt-Merlin 19
W RT-AX86U with latest version 3004.388.8_2 always crash and reboot Asuswrt-Merlin 39
C GT-AX11000 Time Machine Not working on latest Merlin Asuswrt-Merlin 25
Swistheater Some kind of 2.5gbit bottleneck issue - testing new GTAX11000 on Merlin latest 388.7 Asuswrt-Merlin 57

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 694 (members: 29, guests: 665)
Top