Windows Mobile 6 insecure password handling and too short WLAN-password
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Windows Mobile 6 insecure password handling and too short WLAN-password
- From: "MC Iglo" <mc.iglo@xxxxxxxxxxxxxx>
- Date: Wed, 8 Oct 2008 20:54:47 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=HuYAWdPONN/4sbPnyPM8pwGswSscGLmsO7aV4uYb9Gg=; b=fGRhjE3VcTv0DtTsTlkwrGiaTi8qv6sYljQsejim1LxMShZhlGBnttai40VgoHvec5 o/8aPo7ohPKe0RxT0SDn4zSCQCTCVcUIjYMTNtGFd3d/riXmrT89E2JcKvqSNqqR3SJW 4lA2Val8nNxTdBkpyvoqKHMB+DaFx66bECplc=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=kHiri3FpJ/Sc3/nLvcc/Z/YyAUomDnHHfv5oetev3TR3T8KyqGn+hvQ28k2TipCS65 6FiZrz3L/aEX6TO2hXvh530BOhgQSTwjpQnYyoKPLHb67mnT8RDLBIHWH9xv29Mzeb7i MuxO4zWXex7TqjpFh5+VNAPStPtXX93s2gUhc=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
hi list,
I noticed on my HTC Hermes with latest available WM6 (not 6.1!), that
after I entered the password for my WLAN, auto-copletion knows the
phrase and suggests my WLAN-password for almost any input-field.
Further, the memory for passwordstorage is way too small. I can enter
my whole password (auto-completion shows it correctly) but i still
can't connect. If I re-enter the settings, I get shown only 17 dots.
But this isn't enough for my password.
any1 can see the same behavior on his device?