#12425 closed defect (cantfix)
Password recovery is stupid: should ask for either username or email, not both — at Version 2
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | general | Version: | |
| Severity: | normal | Keywords: | |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description (last modified by )
There are two kinds of decent "forgot your password" procedures:
- those which ask you to enter your email
- those which let choose whether to enter the username or the email
Asking for both is stupid (as would be asking for the username without the option to use the email instead), as one may have forgotten the username.
It's pathetic that in 2016 we still see sites that ask for both username and email for password reset.
Change History (2)
comment:1 by , 8 years ago
| Resolution: | → cantfix |
|---|---|
| Severity: | critical → normal |
| Status: | new → closed |
comment:2 by , 8 years ago
| Description: | modified (diff) |
|---|---|
| Summary: | Password recovery is stupid: should ask for EITHER username OR email, not both → Password recovery is stupid: should ask for either username or email, not both |
I'm guessing the reason is that multiple users can have same email address in Trac.
Note:
See TracTickets
for help on using tickets.
PluginIssue (th:AccountManagerPlugin).