[dev] [commits] Horde branch horde_auth_locking updated. b834ba43e3ec22ac0a735cad90e402fd256d3b21
Jan Schneider
jan at horde.org
Tue Aug 16 15:22:42 UTC 2011
Zitat von Ralf Lang <lang at b1-systems.de>:
> Am Dienstag, 16. August 2011, 16:25:58 schrieb Jan Schneider:
>> Zitat von Ralf Lang <lang at b1-systems.de>:
>> > The branch "horde_auth_locking" has been updated.
>> > The following is a summary of the commits.
>> >
>> > from: 4a9655d8f9224f336185cdf4e4f2e6c29daff329
>> >
>> > b834ba4 [rla] Don't present security question dialog if none is set
>> > #10430
>> >
>>
>> This won't show the Reset button if no security question is set.
>
> It triggers the reset & email directly after username & email have been
> provided.
Ah yes, makes sense.
>> And
>> the question is whether we want to *allow* resetting the password
>> without that question at all. I'd say no.
>
> Yes, it's probably too dangerous. But then it should say so instead of
> presenting an empty question.
Agreed. We should show an error message that no security question had
been set, and the user should contact his administrator.
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/
More information about the dev
mailing list