Hey! Just a heads-up on a small issue I just had resetting to a new password.
I was just now updating my password using a password manager generated string that had special characters in it. I was allowed to change my password using these characters using the Reset Password procedure, but the beta.resonate.is website didn’t seem to support those characters on logging in (was getting a wrong password error). I was able to log in to my artist dashboard on resonate.is with that same new password though.
Everything resumed working fine once I reverted to using a password without special characters.
@CPacaud What kind of special characters? I would recommend to use only alphanumeric characters. There’s no real need to go beyond alphanumeric chars. I don’t know why the signup is not warning you about this.
Anyway, i think all of these “non alphanumeric chars” should work: ! @ # & ( ) – [ { } ] : ; ‘, ? / *
I have seen wordpress warn about backslash though. (note: discourse does not want to display this character)
I was able to reproduce the problem with backslash and I don’t know if we’re going to fix this. I think it would be much better to warn new users about certain characters.
When you login to the beta app, we’re not comparing your password and hash using wordpress, this can make it impossible to use certain passwords if the implementation of the hashing/decrypting algorithm we’re using is not perfect.
So, in the future we may support characters like backslash. Until then, you’ll have to try using different set of characters.
I wasn’t actually suggesting Resonate should absolutely support those characters, but preventing users from submitting passwords that include these unsupported characters (or restricting to alphanumeric only) should definitely be a feature in my opinion.
For ref, I don’t have the specific problematic password anymore, but it could’ve been using any of those characters (taken from the KeePass 2 website):
the double quote " could well be the issue as this gets automatically escaped using a backslash during url encoding. if different backends don’t treat escaped characters the same way, it would cause the issue.
In the meantime, I’ll look if this is possible to add a characters denylist to the current signup process.
Hi,
I had the exact same problem, I am using keepassXC to generate secure passwords which generally includes special characters and couldn’t understand how I was able to login to my account (https://resonate.is) but when I tried to login into the player (https://beta.resonate.is/) I kept getting errors saying the password was incorrect. Also after resetting the password several times I encountered the problem.
It now works after I removed special characters and capitals, spaces seem to work fine.
Hi, I also have the same issue (new user). I use lastpass to generate passwords.
Although philosophically the dev team seems to be against certain special characters in passwords (fine, I guess), from my password manager’s POV they’re just another character and there’s no way to know they’re not allowed without checking this invite-only forum.
edit: actually I went and changed my old pw (which looked something like this → %V9qAG3#cCw!VG3#cC ) to one with just lowercase alpha, and although I can log in to the wordpress side, I can’t log in to https://beta.resonate.is, i get → Wrong email or password
paste the pw from clipboard into ‘current password’
get error → “This is not your password”
try to log in to player - get wrong password error.
I felt this was going to happen so have avoided logging out, but since I topped up and the new credits didn’t seem to take effect, I logged out with the hope that logging back in would fix it, but now I’m stuck out.
