View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|09599||Feature requests||[All Projects] Security||public||2015-04-08 19:17||2019-04-15 16:37|
|Target Version||Fixed in Version|
|Summary||09599: Use one time URL instead of sending password in "forgotten password" functionality|
Send an URL to set a new password instead of sending a new password by email in "forgotten password" funcionality. This URL is valid just one time during a limited period of time.
|Tags||No tags attached.|
And for user creation too :)
PS : All LS core plugin are updated in LS3
Putting a vote in for this feature. And setting minimum password strength.
@ollehar, are there any plans for improving password based security at LS 4?
@Mazi, no. In general we have no plans for "smaller features".
At the moment we have no way to prioritize smaller feature requests. We have bigger features and then a lot of bugs that need to be fixed, not much time for other things. Something that can be discussed on the next meeting is how to create priority for features like this. Maybe a voting system?
Some week ago : i can work in develop, and make new feature.
Some are little issue (Sodium issue is an easy fix), but some other are really to big …
New big broke feature can maybe be done in a fork of develop …
Else : there are no smaller feature ! (and security and OWASP is never a small feature …)
I have code that enforces a configurable minimum password strength. I've built it off the Version 3.17.0+190402 code base.
I've posted the code with issue https://bugs.limesurvey.org/view.php?id=14636
|2015-04-08 19:17||aesteban||New Issue|
|2015-04-08 19:18||aesteban||Relationship added||related to 09598|
|2015-04-08 19:18||aesteban||Relationship added||related to 09568|
|2015-04-09 08:26||DenisChenu||Note Added: 31970|
|2015-04-09 09:01||DenisChenu||Note Edited: 31970||View Revisions|
|2019-03-27 14:24||blocka||Note Added: 51170|
|2019-04-03 09:25||ritapas||Note Added: 51290|
|2019-04-05 09:22||Mazi||Note Added: 51366|
|2019-04-05 10:53||ollehar||Note Added: 51373|
|2019-04-05 11:02||ollehar||Note Added: 51374|
|2019-04-05 11:45||DenisChenu||Note Added: 51376|
|2019-04-12 22:04||blocka||Note Added: 51461|
|2019-04-15 16:37||blocka||Note Added: 51471|