blug - squashing them one at a time...

Registration bug, hashing passwords and case sensitivity

Well it didn't take long for new members to report a bug regarding the login process.  People tend to report these things because they can't login, talk about a frustrating experience.

Registration is a very important aspect of any site.  So you have convinced someone that they should belong to your community or service, you better have a smooth registration process or you just lost a customer.  Now this isn't particular to a online community, it is also very important for ecommerce websites and other lead generation type services.

So what actually happened?  Well a few people complained they after confirming their registration, they were not able to login.  I tested the process a few times myself and I couldn't replicate the bug.  It turns out the issue only affected members who registered with a password that contains upper case characters.  Passwords are encrypted on debugging, and it is case sensitive.  That means a password like 'helloWorld' and 'helloworld' will produce a different hash.  It turns out I was calling password.ToLower(); during registration, duh!

After squashing that bug I took the time to rework how the registration process works.  I now allow a user who hasn't confirmed to still login, they just get forced to the confirmation page.  It's a subtle change but I think it clears up any confusion someone might have regarding confirmation.

If you guys have any other feedback please head over to the feedback section and ask away.

 

Comments [1]

hello, world!

So I'm proud to say that after much work, debugging.com has gone live. 

Here are some quick facts about what is going on under the hood:

  • ASP.NET MVC, C#
  • jQuery
  • Sql Server
  • RackspaceCloud hosting

This blog is running on the posterous system (which also happends to run on the cloud).

 

Comments [4]