[
https://issues.apache.org/jira/browse/MNG-5512?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17471867#comment-17471867
]
Michael Osipov commented on MNG-5512:
-------------------------------------
Not really, because lack of time and I have never used the "encrypted"
credentials. Your issue may still be perfectly valid, but we need to know that.
> Deploy uses passwords that failed decryption; retries even if login fails
> -------------------------------------------------------------------------
>
> Key: MNG-5512
> URL: https://issues.apache.org/jira/browse/MNG-5512
> Project: Maven
> Issue Type: Bug
> Reporter: Sebb
> Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: mng5512.zip
>
>
> [See MDEPLOY-130 which was closed as being an issue in Maven core]
> If passwords have been encrypted, deploy fails to notice if the password
> decryption failed.
> Furthermore, it carries on trying to login even after a login failure.
> This is true even if the decryption succeeded but the password was incorrect
> or no encryption was used and the password is incorrect.
> This is bad as it can result in lockout due to the multiple failed logins -
> deploy needs to login several times - and may cause unnecessary work for
> system admins.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
