Forum OpenACS Development: Re: ACS Authentication: Letting any anonymous user reset any system user's password is trouble

Collapse
2: Re: ACS Authentication: Letting any anonymous user reset any system user's password is trouble (response to 1)
Posted by Eduardo Pérez on 09/27/06 03:39 PM
I have upgraded the attached patch following Rocael's comments.

Could some people that know about acs-authentication review the patch?

I think this is a really good enhancement over the inconvenient reset password.

Collapse
3: Re: ACS Authentication: Letting any anonymous user reset any system user's password is trouble (response to 2)
Posted by Malte Sussdorff on 06/03/07 11:47 AM
It would be more perfect if you would actually send to the email address of the user and not to the username. This breaks all sites which actually work with the username that is not the email 😊. Fixed.