> We have a product, written in Delphi2010, which uses an IBObjects
> TIBODatabase object to connect to a Firebird2.5 database. The
> TIBODatabase object has properties for username & password, required to
> connect. The passwords we're using (SysDBA & two user types) are random
> alpha & non-alpha characters, 32-chars long.
>
> We have reason to suspect (though no proof at this time) that the
> security of our DB mayhave been compromised. In way of prevention, we're
> putting the question out ... have there been known security issues in
> the Delphi/IBO/Firebird chain? Is there an upper limit on FB password
> length?

8 characters. So, e.g. masterke and masterkey are treated equal.


--
With regards,
Thomas Steinmaurer
http://www.upscene.com/

Professional Tools and Services for Firebird
FB TraceManager, IB LogManager, Database Health Check, Tuning etc.