• We have implemented the ability to gift someone a Supporting Membership now! When you access the Upgrade page there is now a 'Gift' button. Once you click that you can enter a username to gift an account Upgrade to. Great way to help support this forum plus give some kudos to anyone who has helped you.
Aussie Home Brewer

Help Support Aussie Home Brewer:

CJW

Well-Known Member
Joined
22/3/15
Messages
74
Reaction score
33
I think they mean: the password length required is now longer than it used to be
Yeah, but what @donald_trub is saying is the only way they could know your old password length is if they stored it in plaintext in the old system.

This is very very bad, nobody should have been doing that 15 years ago, let alone now.

Hey @KegLand-com-au can you please confirm the new site stores passwords as salted hashes, if they are not you must get onto your webdevs and insist this is fixed.
 

Half-baked

Well-Known Member
Joined
9/10/17
Messages
90
Reaction score
37
But they never said they knew the password length...
 
Last edited:

brisie

Active Member
Joined
19/9/17
Messages
40
Reaction score
5
Location
Daisy hill
sorry missed that one. The new Core Actuator Mini Regulator should have already been finished however the corona virus and CNY is causing some additional delays unfortunately. I think we will get this in about 1-2 months. So you might miss out for your camping trip unfortunately.
I've had the IPA virus for over 20 years must say it slows me down for the new year
 

onemorecell

Well-Known Member
Joined
14/3/19
Messages
132
Reaction score
56
Location
Australia
Can I just point out how totally unacceptable this is? The only way you could know our password lengths is if our passwords were being stored in plaintext. Cryptographic hash functions produce a fixed-length output.

Since you're handling our credit card numbers I expect you to follow very basic security mechanisms that even a high schooler would know to turn on.
if you buy stuff it goes to an external site - be surprised if that meant they're storing credit card numbers...
 

theSeekerr

Well-Known Member
Joined
8/9/16
Messages
93
Reaction score
31
Because you can no longer log in [emoji1787]
Yes, but if they were following best practices (and this isn't even "best practices" so much as it is "the bare minimum for anyone handling logins to any remote system") they can't know the length of a stored password.

Now, they could measure it during login, but if they were doing that they could just let it login and immediately force a password reset. They didn't do that - they disabled all the too-short password accounts in advance, something they would not have been able to do unless they knew the password length.
 

Half-baked

Well-Known Member
Joined
9/10/17
Messages
90
Reaction score
37
@donald_trub quoted an old KL post saying that if passwords weren’t long enough they would need to be updated.

He didn’t substantiate beyond that why he thought KL knew his password length (although presumably he needed to reset his password at some point too)...

If there is any reason beyond that, like an email from KL saying his password is X characters, would be good to know, otherwise it’s not clear why there’s any problem
 

mud13s

Member
Joined
7/5/12
Messages
18
Reaction score
13
I replaced my password with one exactly the same length with no issue, no it wasn’t the same password !
Perhaps when the new “rule” came in all account passwords had to be reset regardless of length?
 

KegLand-com-au

www.KegLand.com.au - A Land of Stainless Steel
AHB Sponsor
Joined
8/1/18
Messages
1,331
Reaction score
857
Location
Australia
Can I just point out how totally unacceptable this is? The only way you could know our password lengths is if our passwords were being stored in plaintext. Cryptographic hash functions produce a fixed-length output.

Since you're handling our credit card numbers I expect you to follow very basic security mechanisms that even a high schooler would know to turn on.
We can't see your password on the back end as they are encrypted. A number of months ago when the magento upgrade went through we started to get notifications of errors that people could not log in. It has been through these errors that we know the password length is not suitable. Not because we can see your password. We are able to set a password from the back end of the website but we can't see the passwords. This is the same with other customers using Magento CMS too. Magento is probably one of the most popular CMS systems for large online retailers.
 

KegLand-com-au

www.KegLand.com.au - A Land of Stainless Steel
AHB Sponsor
Joined
8/1/18
Messages
1,331
Reaction score
857
Location
Australia
I replaced my password with one exactly the same length with no issue, no it wasn’t the same password !
Perhaps when the new “rule” came in all account passwords had to be reset regardless of length?
Yes that might be the case too. If you can't log in for some reason we would generally say to customers you might need to change your password. With that said it can be for other reasons too. For instance we have had a duplicate account this can also cause an issue sometimes too. So if we have two accounts with the same email this can also cause a problem that we manually have to delete one of the accounts on the back end but we would generally assume invalid password length as this is more probable.
 

KegLand-com-au

www.KegLand.com.au - A Land of Stainless Steel
AHB Sponsor
Joined
8/1/18
Messages
1,331
Reaction score
857
Location
Australia
Anyone bought the Nukatap faucets yet? Thoughts?
Yes would be keen to hear from you guys. We have started shipping these already but we would ideally like to know what you think as we are in the process of discontinuing the Intertaps. RIP. The Nukataps are still trying to finish the FC Nukatap and also finish the cremer shuttle for these taps too. Do you guys have any other features you want us to work on?
 

Grmblz

Well-Known Member
Joined
19/6/17
Messages
254
Reaction score
162
Location
Far South Coast NSW
Yes would be keen to hear from you guys. We have started shipping these already but we would ideally like to know what you think as we are in the process of discontinuing the Intertaps. RIP. The Nukataps are still trying to finish the FC Nukatap and also finish the cremer shuttle for these taps too. Do you guys have any other features you want us to work on?
Some people like the black chrome look, not me, but it might be worth considering.
 

f00b4r

Well-Known Member
Joined
29/10/14
Messages
70
Reaction score
16
Location
Berlin
Yes would be keen to hear from you guys. We have started shipping these already but we would ideally like to know what you think as we are in the process of discontinuing the Intertaps. RIP. The Nukataps are still trying to finish the FC Nukatap and also finish the cremer shuttle for these taps too. Do you guys have any other features you want us to work on?
The “beer engine” spout that was originally going to be made for the Intertap faucets would be good.
Also an option for no black logo on would be great, I’m another that thinks it looks much better with just polished SS (like on the Intertap).
 

TheBeerBaron

Well-Known Member
Joined
27/11/18
Messages
125
Reaction score
111
Location
Brisbane
Any details on the changes to the FermZilla Dr Hans has on his YouTube channel?
 

Plyplema

Member
Joined
20/4/08
Messages
13
Reaction score
4
Yeah, seeing that was a bit of a worry to say the least. Cracking must be occurring for it to require a mould change? Do those who haven't had a chance to brew many batches with it yet just have to wait and see?
 

enoch

Well-Known Member
Joined
29/1/06
Messages
551
Reaction score
46
I have replaced some perfectly ok ultratap FCs with nukataps. Got rid of the hollow pours I was annoyed with!
I’m running the fc disconnects so fc taps was unnecessary. Also confirm the spouts are interchangable (as advertised).

Now looking at the grand deluxe 3 door to replace my ancient 3 door commercial fridge. Just a bit nervous about $$$hipping.

Yes would be keen to hear from you guys. We have started shipping these already but we would ideally like to know what you think as we are in the process of discontinuing the Intertaps. RIP. The Nukataps are still trying to finish the FC Nukatap and also finish the cremer shuttle for these taps too. Do you guys have any other features you want us to work on?
 
2
Group Builder
Top