XZG icon indicating copy to clipboard operation
XZG copied to clipboard
verified publisher icon xyzroe

MQTT - increase password limit

Open fliespl opened this issue 7 months ago • 5 comments

Describe the bug There is probably a limit on number of chars used by mqtt password field. After saving my pass is being cut off, making it not working at all.

My current password: vieF8ooquoopaegh3iepohchoh2eec8jaeChashoh5shejuChafaeT7zashoongu

fliespl avatar May 24 '25 19:05 fliespl

Why don't you use a shorter password?

xyzroe avatar May 25 '25 06:05 xyzroe

@xyzroe or course I can and I did that to set it up adhoc, but how is that relevant to the bug reported? :)

Mqtt protocol specs allow password to be a string with a maximum of 65535 bytes, so I am reporting that this condition in xzg fails.

Also current password recommendations from NIST mention using longer passwords instead of complex ones.

fliespl avatar May 25 '25 07:05 fliespl

https://github.com/xyzroe/XZG/blob/main/src%2Fconfig.h#L192

I think 50 symbols is quite enough. (49 actually) But you can adjust by yourself.

xyzroe avatar May 25 '25 07:05 xyzroe

@xyzroe I am not forcing anything :)

Like I said - I only mentioned this bug, cause someone else might end up with this problem.

And in my case it involved 30 minutes of troubleshooting connectivity settings for connectivity issues. Password was cut off "silently" (no error / no warning). If I would get an error or something I wouldn't even bother you :)

fliespl avatar May 25 '25 16:05 fliespl

I'm having a similar yet opposite problem: It's saying the minimum length username for MQTT is 4 characters, but my username is 3.

Seems like a strange limitation to have on the client side of a service, since it's the server side that dictates minimums/maximums for usernames/passwords.

nabeelr avatar Aug 29 '25 14:08 nabeelr