Make WordPress Core

Changes between Initial Version and Version 9 of Ticket #12682


Ignore:
Timestamp:
02/09/2014 04:55:20 AM (11 years ago)
Author:
SergeyBiryukov
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #12682

    • Property Status changed from new to accepted
    • Property Type changed from defect (bug) to feature request
    • Property Component changed from Security to Users
    • Property Summary changed from Multiple password reset messages to Multiple password reset emails can be annoying
    • Property Owner changed from ryan to dd32
    • Property Milestone changed from Unassigned to 3.9
    • Property Keywords has-patch added
  • Ticket #12682 – Description

    initial v9  
    1 There's a security flaw mentioned in #10006: an attacker can bother users with password reset messages.
     1There's a security flaw mentioned in #10006: an attacker can bother users with password reset emails.
    22
    3 The problem was reported on Russian support forums by the user receiving hundreds of such messages on his email address. He managed to solve it himself.
    4 
    5 He also proposed to introduce some kind of timeout for password resetting. Is it possible?
     3The problem was reported on support forums by a user receiving hundreds of these emails. He proposed to introduce some kind of a timeout for password reset requests. Is it possible?