Details
-
Type:
Bug
-
Status:
Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 3.0.10-RC2
-
Fix Version/s: 3.0.13-RC1
-
Component/s: Login
-
Labels:None
-
Environment:Apache/2.2.19 (Win32) PHP/5.3.4
MySQL(i) 5.5.13
Description
3.0.10-RC2 fresh installation.
1) Enter ACP -> Spambot countermeasures/
2) Set (to simplify things) Maximum number of login attempts per username: 1.
3) Configure Q&A plugin, f.e. set Q: 1+1= and A: 2.
4) Click Logout, then Login.
5) Trying to login with your username, but wrong pass. First time you get error: You have specified an incorrect password. Please check your password and try again. If you continue to have problems please contact the Board Administrator. It's ok. Try enter wrong pass again.
6) Trying to login with your username, but wrong password second time, you get error: You exceeded the maximum allowed number of login attempts. In addition to your username and password you now also have to solve the CAPTCHA below. No mention about incorrect password, but go on, try 3rd time.
7) Trying to login 3rd time with your username, correct Q&A answer, but wrong password, you get error: You exceeded the maximum allowed number of login attempts. In addition to your username and password you now also have to solve the CAPTCHA below. No mention of the wrong pasword, and (attention!) no Q&A CAPTCHA below.
8) If you try to enter using [correct|incorrect] password now, you'll get again You exceeded the maximum allowed number of login attempts. In addition to your username and password you now also have to solve the CAPTCHA below. Q&A presents now.