[CWD-1875] Update Forgotten Password workflow to Atlassian standard

Type: Suggestion
Resolution: Fixed
Fix Version/s: 2.1
Component/s: None
Labels:
None

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

The forgotten password feature in Crowd should not send a password to the user.

It should not generate a password at all.

The aim will be to send a uniquely random URL to the user so they can choose themselves a new password. This will match the functionality currently seen in Confluence, JIRA and FishEye.

incorporates

CWD-1897 Automatically generated passwords (e.g. password reset) use insecure java.util.Random

Closed

CWD-86 Anyone can reset anyone elses password

Closed

CWD-1014 Reset Password functionality does not consider directory password configuration

Closed

CWD-1551 crowd does not send passwords that meet the given password requirement

Closed

CWD-1676 Password-complexity regex is not enforced when setting a password using soap

Closed

CWD-362 Reset password error is not useful when regex is not passed.

Closed

CWD-1189 Need to provide clearer user console messages for changing password

Closed

is duplicated by

CWD-86 Anyone can reset anyone elses password

Closed

relates to

CWD-2009 Update Admin Reset Password to Atlassian Standard

Closed

(2 incorporates, 1 is duplicated by, 1 relates to)

Katherine Yabut made changes - 19/Sep/2019 5:51 AM

Workflow	Original: JAC Suggestion Workflow [ 3387917 ]	New: JAC Suggestion Workflow 3 [ 3629803 ]
Status	Original: RESOLVED [ 5 ]	New: Closed [ 6 ]

Monique Khairuliana (Inactive) made changes - 19/Aug/2019 11:53 PM

Workflow	Original: Simplified Crowd Development Workflow v2 [ 1391146 ]	New: JAC Suggestion Workflow [ 3387917 ]
Assignee	Original: James Wong [ 4c7409f97ecf ]
Issue Type	Original: Improvement [ 4 ]	New: Suggestion [ 10000 ]

Owen made changes - 12/May/2016 2:51 AM

Workflow

Original: Crowd Development Workflow v2 [ 273752 ]

New: Simplified Crowd Development Workflow v2 [ 1391146 ]

jawong.adm made changes - 15/Dec/2010 10:50 PM

Workflow

Original: Feature Request Workflow [ 209520 ]

New: Crowd Development Workflow v2 [ 273752 ]

James Wong made changes - 05/Aug/2010 4:52 AM

Assignee

New: James Wong [ 4c7409f97ecf ]

James Wong made changes - 05/Aug/2010 4:50 AM

Link

New: This issue relates to ~~CWD-2009~~ [ ~~CWD-2009~~ ]

James Wong made changes - 25/Jun/2010 12:20 AM

Fix Version/s		New: 2.1 [ 14496 ]
Fix Version/s	Original: 2.0.5 [ 15220 ]
Resolution		New: Fixed [ 1 ]
Status	Original: Awaiting Review [ 10033 ]	New: Resolved [ 5 ]

shihab made changes - 01/Jun/2010 6:11 AM

Fix Version/s		New: 2.0.5 [ 15220 ]
Fix Version/s	Original: 2.0.4 [ 15040 ]

shihab made changes - 06/May/2010 12:01 AM

Link

New: This issue is duplicated by ~~CWD-86~~ [ ~~CWD-86~~ ]

Justin Koke made changes - 05/May/2010 12:18 AM

Description

New: The forgotten password feature in Crowd should not send a password to the user.

It should not generate a password at all.

The aim will be to send a uniquely random URL to the user so they can choose themselves a new password. This will match the functionality currently seen in Confluence, JIRA and FishEye.

Assignee:: Unassigned

Reporter:: David O'Flynn [Atlassian]

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 21/Apr/2010 3:23 AM

Updated:: 19/Sep/2019 5:51 AM

Resolved:: 25/Jun/2010 12:20 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates