View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|09599||Feature requests||Security||public||2015-04-08 19:17||2019-08-27 11:06|
|Summary||09599: Use one time URL instead of sending password in "forgotten password" functionality|
Send an URL to set a new password instead of sending a new password by email in "forgotten password" funcionality. This URL is valid just one time during a limited period of time.
|Tags||No tags attached.|
|Story point estimate|
|Users affected %|
|duplicate of||15190||closed||c_schmitz||Bug reports||Assigned administration user password is generated randomly, but not time-limited and user is not required to change it|
|related to||09598||closed||scoops||Feature requests||Add confirm password field|
|related to||09568||assigned||scoops||Feature requests||Password strength|
Last edited: 2015-04-09 09:01
And for user creation too :)
PS : All LS core plugin are updated in LS3
Putting a vote in for this feature. And setting minimum password strength.
@ollehar, are there any plans for improving password based security at LS 4?
@Mazi, no. In general we have no plans for "smaller features".
At the moment we have no way to prioritize smaller feature requests. We have bigger features and then a lot of bugs that need to be fixed, not much time for other things. Something that can be discussed on the next meeting is how to create priority for features like this. Maybe a voting system?
Some week ago : i can work in develop, and make new feature.
Some are little issue (Sodium issue is an easy fix), but some other are really to big …
New big broke feature can maybe be done in a fork of develop …
Else : there are no smaller feature ! (and security and OWASP is never a small feature …)
I have code that enforces a configurable minimum password strength. I've built it off the Version 3.17.0+190402 code base.
I've posted the code with issue https://bugs.limesurvey.org/view.php?id=14636
|2015-04-08 19:17||aesteban||New Issue|
|2015-04-08 19:18||aesteban||Relationship added||related to 09598|
|2015-04-08 19:18||aesteban||Relationship added||related to 09568|
|2015-04-09 01:11||DeveloperChris||Issue Monitored: DeveloperChris|
|2015-04-09 08:26||DenisChenu||Note Added: 31970|
|2015-04-09 09:01||DenisChenu||Note Edited: 31970|
|2019-03-27 14:24||blocka||Note Added: 51170|
|2019-03-27 14:28||DenisChenu||Issue Monitored: DenisChenu|
|2019-04-03 09:25||ritapas||Note Added: 51290|
|2019-04-05 09:22||Mazi||Note Added: 51366|
|2019-04-05 10:53||ollehar||Note Added: 51373|
|2019-04-05 11:02||ollehar||Note Added: 51374|
|2019-04-05 11:45||DenisChenu||Note Added: 51376|
|2019-04-12 22:04||blocka||Note Added: 51461|
|2019-04-15 16:37||blocka||Note Added: 51471|
|2019-08-27 10:45||DenisChenu||Relationship added||related to 15190|
|2019-08-27 11:05||c_schmitz||Relationship replaced||duplicate of 15190|
|2019-08-27 11:06||c_schmitz||Assigned To||=> c_schmitz|
|2019-08-27 11:06||c_schmitz||Status||new => closed|
|2019-08-27 11:06||c_schmitz||Resolution||open => duplicate|