Menu
What's new
By:
Filters Better Search

Latest update broke password manager support

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

user41095

user41095

New Around Here
Hey there,

The latest Aususwrt update has broken the router login interface. I am unable to use password manager keepass to handle any logins. Furthermore it is impossible to copy and paste into the password field and when your password looks like 9oafvvucxW38Y3xUrnPH this becomes annoying.

Please revert to previous login window. This attempt at security creates a vulnerability.
 
user41095 said:
Hey there,

The latest Aususwrt update has broken the router login interface. I am unable to use password manager keepass to handle any logins. Furthermore it is impossible to copy and paste into the password field and when your password looks like 9oafvvucxW38Y3xUrnPH this becomes annoying.

Please revert to previous login window. This attempt at security creates a vulnerability.
Click to expand...

The copy'n'paste issue is already known.....and discussed in several threads:

http://www.snbforums.com/threads/bu...rd-on-login-page-in-378-55.26058/#post-194272

P.S. Pretty bold statement by you, i.e. not sure how this move to a token based authentication method 'creates a vulnerability'?

Several posts also indicate keepass does work - search the forum

e.g. enable a keepass feature

http://www.snbforums.com/threads/asuswrt-merlin-378-55-is-now-available.25874/page-14#post-194790
 
Last edited:
I did some poking around, the problem is caused by "onpaste="return false;" noscript"

The solution, for Firefox, is to use "disable clipboard manipulations" addon - https://addons.mozilla.org/en-US/firefox/addon/nocopypaste/

Martineau said:
P.S. Pretty bold statement by you, i.e. not sure how this move to a token based authentication method 'creates a vulnerability'?
Click to expand...

Without the workaround the issue may drive the user to create a simpler, easier to remember, password. It causes the user to type out the password manually, this makes it susceptible to keyloggers. It causes the user to view the password, if retyping it from a database, which makes it visible to anyone looking over the shoulder or through a remote connection.
 
Like suggested, use the auto type feature of Keepass. Its even safer than copy paste anyway.

I believe Merlin already said that he might remove the onpaste restriction in the next release.
 
You must log in or register to reply here.

Similar threads

Viktor Jaep
VPNMON VPNMON-R2 v2.0 -Jul 10, 2022- Monitor your VPN connection's Health (Thread locked/closed)
23 24 25
Replies
499
Views
48K
Viktor Jaep
Viktor Jaep
TeHashX
Tutorial pyLoad Download Manager through Optware
5 6 7
Replies
129
Views
85K
akbor
A
Similar threads
Thread starter Title Forum Replies Date
Z Solved Accidentally flashed XT12 latest merlin on a ET12 Asus Zenwifi Pro. Can't flash back stock FW. Asuswrt-Merlin 11
E WebUI not working - AX86U (latest Merlin firmware) Asuswrt-Merlin 5
L Does the latest AsusWRT/Merlin FW has a memory leak? Asuswrt-Merlin 20
C GT-AXE 16000 Latest Merlin and latest Stock both have memory leaks Asuswrt-Merlin 4
B RT-AC68U QoS and questions about latest Merlin Asuswrt-Merlin 20
Diamond67 Solved My radio problems with the latest Merlin fw 386.12_4 seem to be over Asuswrt-Merlin 1
Z latest firmware for RT AX-86U - bug Asuswrt-Merlin 13
Phantomski Kernel versions of latest routers with Merlin's FW Asuswrt-Merlin 18
J Asus RT-AC68R /w latest Merlin 386.12 firmware - Openvpn client issue Asuswrt-Merlin 2
J Solved *SOLVED* Asus RT-AX86U Pro on latest Merlin 3004.388.4, cannot get RT-AC68U (on any firmware) to connect as a AI Mesh Node Asuswrt-Merlin 3

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 901 (members: 24, guests: 877)
Top