Skip to Content Skip to Menu

Some new logic required for "Forgotten PW"

  • Ake2017
  • Ake2017
  • OFFLINE
  • Posts: 57
  • Thanks: 1
  • Karma: 0
3 years 7 months ago #324040 by Ake2017
Some new logic required for "Forgotten PW" was created by Ake2017
My users can login by utilizing their e-mail as "UserName".

However, when they forget their password and want to update it, they cannot get it by giving the e-mailaddress as their username.
The first have to "Forgot Username", then using their real user name and their e-mail address, they can do "Forgotten PW".

Since the real only security here lies in their e-mailadress (which is already known by the system).
And the "extra" security from asking for the username is easily bypassed.
Wouldn't it make sense to adapt the forgotten PW logic according to those facts?

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48512
  • Thanks: 8286
  • Karma: 1444
3 years 7 months ago #324047 by krileon
Replied by krileon on topic Some new logic required for "Forgotten PW"
Change the Login Method in CBs configuration to email only and forgot login won't bother asking for username. If you still allow login via username then it's valid for the user needing to know their username.

Yes, our forgot login has pointless logic at this time as it was designed a decade ago. It will be gone in CB 3.x as you'll just use Joomlas.

Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum