Add password reset via e-mail #2

Open
opened 7 years ago by wolfbeast · 0 comments
wolfbeast commented 7 years ago (Migrated from github.com)
Owner

A trickier thing to implement:

  • Needs a captcha for abuse prevention.
  • Needs rate limiting (sugg.: 1/day) so people can't spam others by entering their e-mail account.
  • Needs generation of a unique link to feed back into the system for verification
  • Needs a secure form to enter a new password linked to the unique ID
  • Needs SQL statements to change the password from the web, similar to how it's done from within the Sync client (reset password removes synced data, for security reasons)
A trickier thing to implement: - Needs a captcha for abuse prevention. - Needs rate limiting (sugg.: 1/day) so people can't spam others by entering their e-mail account. - Needs generation of a unique link to feed back into the system for verification - Needs a secure form to enter a new password linked to the unique ID - Needs SQL statements to change the password from the web, similar to how it's done from within the Sync client (reset password removes synced data, for security reasons)
Sign in to join this conversation.
No Milestone
No Assignees
1 Participants
Notifications
Due Date

No due date set.

Dependencies

No dependencies set.

Reference: Moonchild/FSyncMS#2
Loading…
There is no content yet.