× NETGEAR will be terminating ReadyCLOUD service by July 1st, 2023. For more details click here.
Orbi WiFi 7 RBE973
Reply

Re: RN316 on 6.10.0HF2 - New twist on Admin account lockout issue.

Steedvlx600
Luminary

RN316 on 6.10.0HF2 - New twist on Admin account lockout issue.

After finally getting this thing back under control, I walked away from my computer which was logged in to the admin panel.

 

A frozen pizza and glass of ice tea later.... And, I return to Admin locked out again.

I am thinking that the browser refresh after automatic logout is pinging the admin account even when no input is made to the password prompt.

This then triggers the lockout.

Since there are no other systems connected to the NAS at this time,  I have to believe that this situation is part of the problem.

Model: RN31600|ReadyNAS 300 Series 6- Bay (Diskless)
Message 1 of 7
StephenB
Guru

Re: RN316 on 6.10.0HF2 - New twist on Admin account lockout issue.


@Steedvlx600 wrote:

I am thinking that the browser refresh after automatic logout is pinging the admin account even when no input is made to the password prompt.


I haven't ever seen this issue with my own NAS. But it's possible that I haven't let the admin web ui time out lately.

 

Is your use case the following steps?

  1. log in to the web ui
  2. wait for the automatic logout
  3. manually refresh the browser page

What browser are you using? 

Message 2 of 7
Steedvlx600
Luminary

Re: RN316 on 6.10.0HF2 - New twist on Admin account lockout issue.



I haven't ever seen this issue with my own NAS. But it's possible that I haven't let the admin web ui time out lately.

 

Is your use case the following steps?

  1. log in to the web ui
  2. wait for the automatic logout
  3. manually refresh the browser page

What browser are you using? 


I am using mainly firefox as my browser. In my case, I have not refreshed the page at all. I just let it log out on its own. And, when some time later, using the visible prompt to log back in, it renders a lock out notice.

I notice that Firefox will not allow you to close a tab when the login prompt is displayed. It completely steals focus. So, perhaps it is also transmitting a connection stay-alive to keep the session alive. (Complete conjecture on my part)

I did  try this on Chrome (one time) and, it did not lock out.
Of course, once is hardly a thorough testing. But, it was time to cook dinner. (on JST time here)

If anyone else can replicate this, at least we have a solid recommend for a hotfix of some sort.

Message 3 of 7
Steedvlx600
Luminary

Re: RN316 on 6.10.0HF2 - New twist on Admin account lockout issue.

In my informal testing; Neither Chrome nor Safari have triggered the admin lockout. (In fact, Safari NEVER logs out. I come back hours later. And, it is still logged in to admin.)
My conclusion, therefore, is that Firefox does something differently which triggers it.

So... In the end, it looks like a browser-specific issue to me.


 

Message 4 of 7
StephenB
Guru

Re: RN316 on 6.10.0HF2 - New twist on Admin account lockout issue.


@Steedvlx600 wrote:

In my informal testing; Neither Chrome nor Safari have triggered the admin lockout. (In fact, Safari NEVER logs out. I come back hours later. And, it is still logged in to admin.)
My conclusion, therefore, is that Firefox does something differently which triggers it.

So... In the end, it looks like a browser-specific issue to me.


In my testing, Chrome logged out, but FireFox didn't (same as your Safari test).  FireFox had the NAS username/password stored - which might explain the difference in our results.

 

I tested on with a NAS running 6.10.0 hotfix 2.

Message 5 of 7
Steedvlx600
Luminary

Re: RN316 on 6.10.0HF2 - New twist on Admin account lockout issue.



@StephenB wrote:


In my testing, Chrome logged out, but FireFox didn't (same as your Safari test).  FireFox had the NAS username/password stored - which might explain the difference in our results.

 

I tested on with a NAS running 6.10.0 hotfix 2.


Firefox (on MacOS) has the user/password saved as does my Safari, I never allow saved passwords in Chrome and, I rarely use it for anything (Trust does not extend to Alphabet Corp)

 

After completely resetting  the Firefox app... I have experienced no further problems with it after several tries today. I had cleared cache previously. But, I have only today fully reset the app.

All in all. A mystery which will likely go without a definitive explanation.

Message 6 of 7
Steedvlx600
Luminary

Re: RN316 on 6.10.0HF2 - New twist on Admin account lockout issue.

Suspicions confirmed.

Coincidentally, Firefox released a significant update... part of which seems to have addressed the whole browser login dialog.
I noticed this as the dialog now appears centered on the window rather than extending from the top.

This new version does NOT cause the admin lock-out as described.

Message 7 of 7
Top Contributors
Discussion stats
  • 6 replies
  • 1302 views
  • 0 kudos
  • 2 in conversation
Announcements