Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-3024

Delete RememberMe tokens and disable sessions when captcha is required

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Invalid
    • None
    • Administration
    • None
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      When users type in the wrong password too many times on the command line, they have to re-enable their account by going to the website and logging in with a captcha. Unfortunately, if they're already logged in on the Stash web site, they need to log out first.

      Instead, when captcha is triggered, invalidate any web sessions for the user and remove any RememberMe tokens. This will force the user to log in the next time they interact with the web.

      Attachments

        Issue Links

          relates to

          Suggestion - BSERV-3001 Allow CAPTCHA to be shut off completely at the command-line

          • Closed

          Activity

            People

              Unassigned Unassigned
              bplump Brent P
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: