https://bugzilla.wikimedia.org/show_bug.cgi?id=30412
Ariel T. Glenn <ar...@wikimedia.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ar...@wikimedia.org --- Comment #9 from Ariel T. Glenn <ar...@wikimedia.org> --- The extension that provides that functionality is https://github.com/bestpractical/rt-extension-resetpassword and it needs to be packaged and installed (as well as tested with the new version of RT). There's another approach to password resets here: http://requesttracker.wikia.com/wiki/PasswordReset and implemented here: https://gerrit.wikimedia.org/r/#/c/71719/3 but this is not currently functional, since it's intended for 'external' (non privileged) users only. I could comment out the lines that make that check, but I'd prefer to go with the other extension because of how password resets are handled. In the extension on github, the user requests a password reset by providing their email address, is sent a url with a token, and after following that url, enters the new password which is then validated and saved. This I believe is what was installed previously, at least it has the path referenced in comment 8. In the wikia code, the user requests a password reset the same way but RT immediately sets the password to a random string and emails the user with that password. I like the second approach less, since it permits someone other than the user to actually change the password (even though the user is notified of the change), and the password is sent via plaintext email. Neither of those things excite me very much. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l