https://bugzilla.wikimedia.org/show_bug.cgi?id=28085
--- Comment #14 from Tyler Romeo <[email protected]> --- (In reply to comment #13) > What about allowing e-mail login only for those with just one account per > e-mail (won't that be like 99% of users?). It seems to me to be pretty > standard > to allow logging in with an email these days, it would be a shame not to have > in on wikipedia. I guess that's true. Unfortunately, it'd be difficult to actually implement. The logic would have to be constructed so that the time it takes for a non-existent email to fail logging in would be the same as an existing email with an incorrect password logging in. This would require initializing a fake user when the email doesn't exist, passing it to AuthPlugin and whatnot, and then hashing and comparing a fake password before finally bailing out. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
