Feature #48364 (closed)
Remove password from fe_user after click on forgot_password link
Description
Hi,
currently if I use the "Forgot Password" feature of felogin the existing password still allows for re-login. For security reasons it would be meaningful to remove the password from the user (or set a random string) as soon as the email was sent, so that the user has to create a new one.
An additional setting in TS (clearPasswordAfterForgot), which defaults to 0 (do not clear the password field) would ease the configuration and keep BC.
Place would be in "FrontendLoginController.php" -> showForgot() after line 249.
Regards
joerg
Updated by Philipp Gampe over 11 years ago
- Status changed from New to Needs Feedback
- TYPO3 Version changed from 6.1 to 6.2
- Complexity changed from easy to medium
IMHO this is the wrong approach. That way you can DoS all users whose email address you know.
Forgetting a password is not a security risk and there is no reason to remove the password if the reset password process is started.
Actually I expect the password to stay the same until I confirmed the email by changing my password.
Updated by Joerg Schoppet over 11 years ago
I get your point. That's the reason I wanted to have it only as an option which defaults to "no reset".
Additionally, I know that this isn't something used/requested very often, but at least I had this requirement in the past.
Updated by Jigal van Hemert over 11 years ago
- Status changed from Needs Feedback to Rejected
As Philipp pointed out such a setting can easily lead to problems when people start to guess usernames or email addresses and block access to these accounts by removing their passwords.
If you need to implement this for a project you can use the hook $GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['forgotPasswordMail'] which is called inside generateAndSendHash() (the function which sends the mail with the link). You also get the user record in this hook, so your hook subscriber can execute a query to unset the password for that user.
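The hook-based approach Jigal describes, written out as an added example for a hypothetical site extension (this is not code from TYPO3 core, felogin or any commenter). It assumes the TYPO3 6.2 APIs named in the thread: the hook is invoked through GeneralUtility::callUserFunction() from generateAndSendHash(), and the `$params` array handed to it is assumed to carry the fe_users uid under `'uid'`. The extension key `sitefelogin`, the namespace `Vendor\Sitefelogin`, and the TypoScript switch `clearPasswordAfterForgot` (the opt-in setting Joerg proposed, off by default) are all invented for the example.

```php
<?php
// --- file: typo3conf/ext/sitefelogin/ext_localconf.php (hypothetical extension) ---
// Register a subscriber for the felogin hook named in the thread. Each entry is a
// "Class->method" reference that FrontendLoginController::generateAndSendHash()
// calls via GeneralUtility::callUserFunction() after the reset mail is sent.
$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['forgotPasswordMail'][] =
    'Vendor\\Sitefelogin\\Hooks\\ForgotPasswordHook->clearPassword';

// --- file: typo3conf/ext/sitefelogin/Classes/Hooks/ForgotPasswordHook.php ---
namespace Vendor\Sitefelogin\Hooks;

use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;

class ForgotPasswordHook
{
    /**
     * Invalidates the stored password of the account a reset mail was just sent for,
     * so the old credential no longer logs in until the user sets a new one via the
     * mailed link.
     *
     * @param array $params Hook parameters; 'uid' is assumed to hold the fe_users uid
     * @param \TYPO3\CMS\Felogin\Controller\FrontendLoginController $pObj Calling plugin
     */
    public function clearPassword(array &$params, $pObj)
    {
        // Opt-in only: plugin.tx_felogin_pi1.clearPasswordAfterForgot = 1 (hypothetical
        // setting mirroring the issue's proposal; unset or 0 keeps current behaviour).
        if (empty($pObj->conf['clearPasswordAfterForgot'])) {
            return;
        }

        $uid = (int)$params['uid'];
        if ($uid <= 0) {
            return;
        }

        // Replace the credential with 256 bits of randomness nobody knows, so the
        // stored value cannot be reproduced at the login form.
        $replacement = GeneralUtility::getRandomHexString(64);

        // If saltedpasswords is active, store it in the same hashed form as real
        // passwords so the FE authentication service treats it like any other record.
        if (ExtensionManagementUtility::isLoaded('saltedpasswords')) {
            $salt = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(null, 'FE');
            if ($salt !== null) {
                $replacement = $salt->getHashedPassword($replacement);
            }
        }

        $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
            'fe_users',
            'uid=' . $uid,
            array(
                'password' => $replacement,
                'tstamp'   => $GLOBALS['EXEC_TIME'],
            )
        );
    }
}
```

Because the hook fires only after felogin has already written the reset hash for that record, the user still completes the normal reset flow; the difference is that the previous password stops working immediately. Leaving the switch off preserves the default behaviour that Philipp and Jigal argue for, so the lock-out risk they describe is confined to installations that explicitly enable it.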