Add password reset via e-mail
Openopened 7 years ago by wolfbeast · 0 comments
A trickier thing to implement:
- Needs a captcha for abuse prevention.
- Needs rate limiting (sugg.: 1/day) so people can't spam others by entering their e-mail account.
- Needs generation of a unique link to feed back into the system for verification
- Needs a secure form to enter a new password linked to the unique ID
- Needs SQL statements to change the password from the web, similar to how it's done from within the Sync client (reset password removes synced data, for security reasons)
Reference in new issue
There is no content yet.
Delete Branch '%!s(<nil>)'
Deleting a branch is permanent. It CANNOT be undone. Continue?