Hi,
I am trying to sign-up to QuickFile for another one of my businesses and I use a password manager to handle my password management. This allows me to enforce unique and rather complex passwords across all services without remembering the passwords myself.
During the QuickFile sign-up process, I was asked for a password, my password generator suggested this:
4(5J)2wmYvxMdGS\9Ns3c
j"uDiT<GT|\<4u}L"
This is a 40 character password that uses A-Z, a-z, 0-9, underscores, dashes and other symbols. Once I submitted the sign-up application process to get to the next stage, I encountered an HTTP 500 error.
To fix this issue as a customer/user, I was forced to reduce my password complexity to deal with the error. This is not ideal and gives a bad impression of QuickFile’s infrastructure.
Being a software engineer myself, I’m am now under the impression that QuickFile isn’t consuming passwords safely and therefore one or more of the escape like characters broke the back-end.
You can duplicate this error by also using this very same “complicated” password during the sign-in process, regardless if that is indeed your password. You’ll trigger a HTTP 500 error: