-2

This password has been used for many years so I cannot change it without ire from employees. The original code was done in Java which allows a leading zero. Is there any way I can still use the password "0123" in Kotlin? I have the password saved as a variable.

Tried 0123 and it gives the error: Unsupported [Literal prefixes and suffixes] & Property Setter and Getter expected.

I expected it to work as it works without a 0 in front.

Usage:

private var password = 0123
private var passcode: EditText? = null

if (passcode?.text.toString() == password.toString()) {
// do something
}else {
// do something else
}
Altohombre
  • 21
  • 5
  • 1
    Password for what? It's not at all clear what you're talking about. – Tenfour04 Jan 11 '23 at 18:23
  • What type is the password? Strings can have leading 0s, although [it's not good to store passwords in strings](https://stackoverflow.com/questions/12937641/handling-passwords-used-for-auth-in-source-code). Whatever the case, it sounds like your password-handing code is seriously insecure, so you may have larger problems than just leading zeroes. – ggorlen Jan 11 '23 at 18:29
  • Edittext. User enters 0123 and it validates. – Altohombre Jan 11 '23 at 18:30
  • Please show a [mcve]. It's still unclear what we're dealing with here. – ggorlen Jan 11 '23 at 18:31
  • @ggorlen This usage does not need to be that secure for this usage. – Altohombre Jan 11 '23 at 18:31
  • 1
    We need to see sample code to understand what you're trying to do and what you're doing incorrectly. For example, show your working Java code and your not-working Kotlin version. – Tenfour04 Jan 11 '23 at 18:32
  • added code above – Altohombre Jan 11 '23 at 18:35
  • If it's a String, enter it as a String. You would have the same issue if you declared an `int` in Java. Use `private var password = "0123"` – Tenfour04 Jan 11 '23 at 18:36
  • @Tenfour04 I don't have the working Java code. I am making a new app and the users are acclimated to using the passcode 0123 for this use case. – Altohombre Jan 11 '23 at 18:39
  • 3
    Why are you defining the password as a number and not a string? – Joffrey Jan 11 '23 at 18:41
  • @Altohombre "This usage does not need to be that secure for this usage." —every company that got hacked. I hope you're not working for LastPass or [SolarWinds](https://www.cnn.com/2021/02/26/politics/solarwinds123-password-intern/index.html). – ggorlen Jan 11 '23 at 18:41
  • @ggorlen this is an internal use app and even if someone guessed it it wouldn't be a big deal. Just a deterent for new people. – Altohombre Jan 11 '23 at 18:45
  • Probably a dupe of [Integer leading zero issue in Java](https://stackoverflow.com/questions/26710650/integer-leading-zero-issue-in-java) now that code was added. – ggorlen Jan 11 '23 at 18:46
  • @Altohombre Yeah, it's an internal app right now and not a big deal now. Then later, you quit the company, someone forgets that it's totally insecure and puts some important information in there and it becomes exposed to the public. Next thing you know, your company is out billions of dollars. It's not hard to sensibly and securely encrypt the password and use a char array rather than an integer. Other people see these sort of posts and think it's OK, so don't be offended that this is pointed out--it's public duty. – ggorlen Jan 11 '23 at 18:47
  • @Tenfour04 your answer worked. I haven't looked at this code in a while and got flustered by the Octal stuff I saw online. Please make an answer so I can give you credit. thx! – Altohombre Jan 11 '23 at 18:47

1 Answers1

1

First of all, you should seriously consider not hardcoding a password like this. It is very insecure. Now your question might be relevant for other things than passwords, so for those cases please read ahead.

Without double-quotes, the value you're using to set the password variable is a number, not a string (text). So essentially you are (trying to) define the number 123 (one hundred and twenty three) as password. But most likely you don't care about the numeric value 123 here, you want the 4 characters 0123.

If what you want is to compare text, use double-quotes like this private val password = "0123" (and then you don't need .toString() for your comparison).

Now as to why you're getting this weird error. The error you're facing arises if you're trying to use a number literal with a leading 0, like 0123 in Kotlin. This is because Kotlin believes you're trying to use Java's octal prefix interpretation and is preventing a potential mistake. In Java, number literals with a 0 in front are read in octal (base 8 number system). So the value 0123 (as a number literal) is in fact 83 in decimal.

Kotlin doesn't support the octal prefix, but that is definitely not what you want here anyway.

Joffrey
  • 32,348
  • 6
  • 68
  • 100
  • 1
    Worth mentioning for future visitors that plain text strings baked into the source code aren't secure, nor is saving the user's password input in a string, so after these changes the authentication system is still completely unsafe. – ggorlen Jan 11 '23 at 18:49