Subject Re: [firebird-support] Security bug in Firebird !!
Author Helen Borrie
At 09:47 AM 30/12/2008, you wrote:
>I created a Firebird database. The administrator uses a password
>fairly long (more than 9 characters)
>I found that only the first 8 characters of the password are taken
>into account, others are ignored.

That is correct. Firebird's password encryption encrypts only the first 8 characters of any password. So, for example, if the password is 'masterkey' then you will find that 'masterkettle' will work.

It is not a bug. It is a known shortcoming. So be intelligent about choosing passwords.