You are not registered yet. Please click here to register!


 
 
plc storereviewsdownloads
This board is for PLC Related Q&A ONLY. Please DON'T use it for advertising, etc.
 
Try our online PLC Simulator- FREE.  Click here now to try it.

---------->>>>>Get FREE PLC Programming Tips

New Here? Please read this important info!!!


Go Back   PLCS.net - Interactive Q & A > PLCS.net - Interactive Q & A > LIVE PLC Questions And Answers

PLC training tools sale

Reply
Thread Tools Display Modes
Unread November 27th, 2019, 11:26 AM   #1
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,241
FTView SE 11.0 Security Password Issue

I have a really bizarre password issue with FTView SE 11.0. More than one system, both on Distributed and Station editions. All on VersaViews. Using FT User accounts.

Issue1: No minimum length, no complexity enforcement. A two character Password in the form of a number followed by a letter. If the number is correct, the letter entered doesn't matter, and SE logs you on.

Issue2: Changed minimum length to six. not complexity enforcement. Five letters followed by a sing number, for a total of six characters. Again if the first five are correct, the number doesn't matter, SE logs you in.

Haven't experimented to see if other patterns emerge. Tech. support can't replicate this issue. Anyone have any ideas what is going on here? Thanks.
__________________
John
  Reply With Quote
Unread November 28th, 2019, 03:45 PM   #2
celichi
Member
Canada

celichi is offline
 
celichi's Avatar
 
Join Date: Apr 2008
Location: Dundas
Posts: 131
Quote:
Originally Posted by jkerekes View Post
I have a really bizarre password issue with FTView SE 11.0. More than one system, both on Distributed and Station editions. All on VersaViews. Using FT User accounts.

Issue1: No minimum length, no complexity enforcement. A two character Password in the form of a number followed by a letter. If the number is correct, the letter entered doesn't matter, and SE logs you on.

Issue2: Changed minimum length to six. not complexity enforcement. Five letters followed by a sing number, for a total of six characters. Again if the first five are correct, the number doesn't matter, SE logs you in.

Haven't experimented to see if other patterns emerge. Tech. support can't replicate this issue. Anyone have any ideas what is going on here? Thanks.
Sounds like a serious issue.

Go direct to your channel manager at Rockwell and or your distributor.

Get them to go direct to product group with your existing ticket number.
  Reply With Quote
Unread November 28th, 2019, 08:16 PM   #3
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,241
It is a serious issue. One Iíve never come across before. We do have the issue escalated. I was hoping someone here had experienced this. Rockwell canít replicate the issue
__________________
John
  Reply With Quote
Unread November 29th, 2019, 09:37 AM   #4
crawler009
Member
Switzerland

crawler009 is offline
 
crawler009's Avatar
 
Join Date: Feb 2012
Location: Planet Earth
Posts: 223
Hi jkerekes

yes, the problem is only if you have selected the new encryption method SHA-256 (witch greater security ).
System -> Policies -> System policies -> Security policy -> Password encryption method.

Change back to the old one MD5 and it works fine. Or use active directory user mangement.


Yes, there a lot of ways to reproduce the error. The password passes if the first half of the password is correct,
and the length or the length -1 char.

Best regards
crawler009

Last edited by crawler009; November 29th, 2019 at 09:40 AM.
  Reply With Quote
Unread November 29th, 2019, 12:12 PM   #5
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,241
Thanks for the insight. I did look at the encryption methods. I’m not positive which one is selected. Do you know which is the default? I’ll have to verify this on Monday. This must be the issue. The only downside is that the accounts need to be recreated. But if it fixes the issue, it has to be done. Thanks again.
__________________
John
  Reply With Quote
Unread December 2nd, 2019, 01:40 PM   #6
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,241
That was it! Thanks for your help and insight. BTW, how did you learn about this issue? People are asking me. Thanks again.
__________________
John
  Reply With Quote
Unread December 2nd, 2019, 02:48 PM   #7
Maxkling
Member
United States

Maxkling is offline
 
Join Date: Mar 2011
Location: Atlanta
Posts: 274
There are knowledge base articles about it.

Article 1088797 states SHA256 does not properly encrypt password. It shows how to install a patch to correct the issue.
  Reply With Quote
Unread December 2nd, 2019, 03:03 PM   #8
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,241
Wait a second. Why didn’t Rockwell tech. Support find this? And this applies to FTView 6.1. We’re talking about version 11. And it’s still an issue? T HTG and you very much for point this out. Grrr.
__________________
John
  Reply With Quote
Unread December 2nd, 2019, 03:16 PM   #9
KuulKuum
Member
United States

KuulKuum is offline
 
Join Date: Jun 2006
Location: Texas
Posts: 239
Quote:
Originally Posted by jkerekes View Post
Wait a second. Why didnít Rockwell tech. Support find this? And this applies to FTView 6.1. Weíre talking about version 11. And itís still an issue? T HTG and you very much for point this out. Grrr.
The RA knowledgebase article is referring to FactoryTalk Services Platform 6.10 and 6.11 not FTV 6.1
  Reply With Quote
Unread December 2nd, 2019, 03:23 PM   #10
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,241
I misread that. Thanks for the clarification. It still doesnít explain why tech support didnít alert us to this. They kept escalating it up. Is it included in a current patch roll up? I have to verify witch month of patches we have installed
__________________
John

Last edited by jkerekes; December 2nd, 2019 at 03:26 PM.
  Reply With Quote
Unread December 2nd, 2019, 06:13 PM   #11
Maxkling
Member
United States

Maxkling is offline
 
Join Date: Mar 2011
Location: Atlanta
Posts: 274
Looks like itís a separate patch.

https://download.rockwellautomation....id=RAid1088797

Itís hard to research on my phone if itís been included in a roll up patch.

Looks like latest roll up is 9/2/19, the FTServices patch above is 8/12/19. So I would assume it would be included in the September release, but not sure.
  Reply With Quote
Unread December 2nd, 2019, 07:10 PM   #12
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,241
Thanks again for everyoneís help.
__________________
John
  Reply With Quote
Unread December 3rd, 2019, 09:09 AM   #13
crawler009
Member
Switzerland

crawler009 is offline
 
crawler009's Avatar
 
Join Date: Feb 2012
Location: Planet Earth
Posts: 223
Quote:
Originally Posted by jkerekes View Post
That was it! Thanks for your help and insight. BTW, how did you learn about this issue? People are asking me. Thanks again.
It was a customer who found out at FAT that he could login with a wrong password, and he wasnt so happy about that.
  Reply With Quote
Unread December 3rd, 2019, 10:00 AM   #14
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,241
Quote:
Originally Posted by crawler009 View Post
It was a customer who found out at FAT that he could login with a wrong password, and he wasnt so happy about that.
I can imagine! We found it during pre-FAT testing.
__________________
John
  Reply With Quote
Reply
Jump to Live PLC Question and Answer Forum

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Topics
Thread Thread Starter Forum Replies Last Post
FTView SE Windows 10 FM20.dll issue ArtWalls LIVE PLC Questions And Answers 3 December 20th, 2018 01:11 PM
FTView SE as a GUI to edit/maintain custom SQL tables mgallgood LIVE PLC Questions And Answers 12 February 8th, 2017 04:32 PM
FTView SE Version 8 Trend pen issue Cices LIVE PLC Questions And Answers 3 May 19th, 2016 05:36 AM
RSLogix 5000 v20, ALMD's, FTView SE v6 - DST Issue Vinster LIVE PLC Questions And Answers 9 September 29th, 2015 02:19 PM
Factorytalk view password reset button problem Nan LIVE PLC Questions And Answers 6 September 29th, 2015 02:16 PM


All times are GMT -5. The time now is 05:09 PM.


.