New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Think about action user.forget_password #1913

Closed

r-peschke opened this issue Sep 18, 2023 · 0 comments

Labels

needs discussion

Milestone

Member

r-peschke commented Sep 18, 2023

This action has some security problems
Some ideas:

Possibility to disable the action
Use email and username, reducing the amount to one email
make the field email unique, may be optionally for the instance
Use some stuff for additional user identification: Store some personal questions, use sms with transaction code for confirmation or other user identification

The text was updated successfully, but these errors were encountered:

r-peschke added the needs discussion label

r-peschke added this to the 4.1 milestone

rrenkert closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment