• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Lack of interest Validation on Password Reset

Robust

Well-known member
#1
When a password reset is requested perhaps a security question, or some sort of question should be asked to narrow down the amount of password reset attempts.

This should be a core feature imho, as anyone can spam someone's email by sending password resets.
 

whynot

Well-known member
#2
When a password reset is requested perhaps a security question, or some sort of question should be asked to narrow down the amount of password reset attempts.

This should be a core feature imho, as anyone can spam someone's email by sending password resets.
Fair wish.
Instead of "Name or Email" should be only "Email"