Overview
When a user who has the less than character ( < ) in their password tries to open the web interface, the following error appears:
Server Error in '/MailEssentials' Application
'A potentially dangerous Request.Form value was detected from the client (txtPassword=123<456)'
Note: '123<456' refers to the user-defined password with the less than character ( < ).
Environment
- GFI MailEssentials
- Forms authentication is enabled
- (txtPassword=Passwordwith<Character)
Root Cause
The ASP.NET feature request validation tries to prevent script attacks. For more information, refer to Request Validation - Preventing Script Attacks.
Resolution
These are the two options in solving this issue:
- Set MailEssentials to use Windows Authentication. This can be done via Switchboard > UI Mode > Security > Authentication.
- Change the user's password. Create a new password that does not contain the less than character ( < ).