Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-16537

Limit password reset email requests

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Unresolved
    • Major
    • None
    • 11.5
    • Administration
    • None
    • Unknown

    Description

      A user can send as many password reset request as he want, by clicking "Forgot your password" .

      For some user may take few minutes until they receive the reset email (depending on their email configuration, anti-spam filters and other).
      By sending multiple reset request the user may:

      • Mistake the last email with other from the email thread and click on an old link
      • Or he may not receive all the emails

      I have identified two situations when the link from the email expire and the userĀ  gets "Wrong parameters" error. And this error message may not be very clear for him why it is displayed.

      • an other request is sent
      • the link was already accessed (it doesn't take into consideration if the password was changed or not)

      So to avoid these confusion, it would be nice to display a message like: " An email was already sent. Try after 5 minutes.", when a request has already been sent.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. XWIKI-16540 Improve forgot password message

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              andreic Camelia Andrei
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: