Password validation fails complex passwords. #8

StevenLiekens opened this Issue Mar 28, 2012 · 13 comments


None yet
6 participants

There is a bug in the android app that prevents me from logging in using a long, complex password with a mixture of upper and lower case letters, numbers and symbols (but no spaces).
I don't know at which point exactly the validation fails, but setting the following password on your prey account will prevent you from logging into the android app: TV!dU9axE3f!Af28W3G$cADstWyQkfcv (don't worry, I've changed my password before posting).

Short, easy to remember (and thus crack) passwords work without issues.


cyaconi commented Jun 28, 2012

I just tried with exactly the same password from an Evo4G device and it works. Under which device did you have this problem?

Samsung Galaxy S2, I believe it ran android 2.3.6 at the time. I've
upgraded to ICS 4.0.3 since then, I'll try again and let you know.

2012/6/28 Carlos Yaconi H.

I just tried with exactly the same password from an Evo4G device and it works. Under which device did you have this problem?

Reply to this email directly or view it on GitHub:
#8 (comment)

It still fails to connect using Prey 0.5 on android 4.0.3, with the following error:

"Prey couldn't connect to the web Control Panel.
Check your settings and try again."

This is different from the "Wrong Password. Try again." message, so there is definitely a code bug somewhere.

(needless to say that my password does work when logging on to the web GUI.)


cyaconi commented Jun 28, 2012

Your password contains ! and $ only, or there are others special chars?


My current password contains these symbols (one or more times): & # ^
Total length is 40 characters (which is the maximum allowed), everything besides these three symbols is a mixture of numbers and upper- and lowercase letters.

I generate these passwords using LastPass, and filling them into the android app is a matter of copy-pasting. So that pretty much excludes the possibility of a typo as well. It might prove useful in testing (although I believe their android app is for premium users only, they do offer an unrestricted 14-day trial period).

Thanks for taking the time to look into this.


cyaconi commented Jun 28, 2012

I'm testing over the new version we're about to release and it seems it's now working. Once you update Prey please let me know if this problem keeps happening on your device.

Next release we'll be available in a couple of weeks.


Hi Carlos

I've just installed the new Prey app for Android, and it's still happening. Could this be a problem with my particular android ROM? I'm running the latest stable build of CyanogenMod 9 on a Samsung Galaxy S2.

The password I'm trying with this time:

Screenshots (I hope these are helpful):

Thanks for your continued effort in resolving this problem.

I ran into the same issue. By trying various lengths and characters, I found that the issue did not have anything to do with the non-alphanumeric characters I was using. The issue is solely based on the length of the password. Where passwords over 24 characters in length are acceptable on the website, they will not work anywhere in the Android app. You cannot create a new account, log into an existing account or register a device to an existing account using a password that is more than 24 characters long.

Nice! Seems kind of silly to use different password length limitations in different applications...


fanuneza commented Feb 6, 2015

Hi, guys. We're (finally) catching up with our Android issues. If your problem persists, please feel free to reopen this.

Have a nice day!

fanuneza closed this Feb 6, 2015

Better late than never I suppose. Keep it up!

Hi, I'm still getting this error and my password is not longer than 24 characters. I'm using Redmi 2 running on Mi7

I ran into this after having to get my LG G4 replaced after it hit the bootloop bug.

I fixed it by logging into the web panel via my desktop and removing the old LG G4 (there were already three devices on my account).

Perhaps this error is returned for several different cases. Either way, a better error when you've reached your device number limit would be nice.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment