Hello, On Sat, 16 May 2015 16:37:42 +0200 Andrew Shadura <[email protected]> wrote:
> Password reset form might be used to check if users with specific > email addresses have accounts in the system by requesting their > password to be reset. It's probably not a good idea to give this sort > of information to complete strangers. Obviously, there's still a similar issue with login and registration forms, but those issues are to be dealt separately. Login form is one which isn't hard to fix, registration form is something slightly different though. -- Cheers, Andrew
pgpccvSKruRG4.pgp
Description: OpenPGP digital signature
_______________________________________________ kallithea-general mailing list [email protected] http://lists.sfconservancy.org/mailman/listinfo/kallithea-general
