"forgot password" should not reset password directly
|Reported by:||moo||Owned by:||hasienda|
|Severity:||major||Keywords:||passwort reset forgot|
it's easy to know which email someone use, trying to reset their password is funny, isn't it?
why not save a temp password in another table/file, so ppl can use it to reset password, and login later.
Change History (18)
comment:11 in reply to: ↑ 10 Changed 5 years ago by hasienda
- Keywords passwort reset forgot added; needinfo removed
- Owner changed from mgood to pacopablo
- Priority changed from normal to high
- Severity changed from normal to major
comment:12 in reply to: ↑ 8 Changed 4 years ago by hasienda
- Owner changed from pacopablo to hasienda
comment:17 Changed 4 years ago by hasienda
- Resolution set to fixed
- Status changed from assigned to closed