#45479 closed enhancement (worksforme)
Display text after lost password request
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 4.9.8 |
Component: | Login and Registration | Keywords: | |
Focuses: | Cc: |
Description
First i've posted this here https://wordpress.org/support/topic/display-text-after-lost-password-request/ and James Huff sugested to create a bug report.
Current situation with clean install and twenty 17 theme.
Reset password with an email address that exists in the user section
get a text message after reload that a password reset link was send to the given address
Reset password with an email address that doesn’t exist in the user section
get a redirect to the password reset page… nothing else
According to general standards like this, or this I would expect the same response like:
If you have an account with us we’ve send you an email with a link to reset your password.
OR
If WP cares less about security/privacy at least I would expect a text to display with a failed password request. Especially now we know there IS a difference between an existing and non existing email address.
UX Bug
At least we could state that we now have a situation where we do inform the customer and where we leave them in great doubt if anything happened at all. This can’t be good for the users of the sites that work with WP.
Change History (4)
#1
@
6 years ago
- Keywords close reporter-feedback added; 2nd-opinion removed
- Resolution set to worksforme
- Status changed from new to closed
- Version set to 4.9.8
Hello @yuluma
Thank you for the question. I have tested it in the WordPress latest version and I got the error message that ERROR: There is no user registered with that email address. in lost password page. can you please give more clarity by giving the screenshot?
Thanks