Loading...

XML

Word

Printable

Anyone can reset the password of a user whose ID they know.
Verified on the test system.

duplicates

JRASERVER-1204 Security and validation of email & passwords

is duplicated by

JRASERVER-16592 New-account creation process fails to mask password in plain-text e-mail sent to new user

JRASERVER-18279 EPIC FAIL: new user signups result in plain text email with all login details

JRASERVER-10600 DON'T SEND PASSWORDS OVER THE INTERNET IN PLAIN TEXT!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

is related to

JRASERVER-15122 Encrypt passwords sent from login portlet/page to server.

relates to

JRASERVER-15916 Check box in signup window

(1 relates to)