-
Bug
-
Resolution: Fixed
-
Medium
-
None
-
None
-
8
-
Anyone can reset the password of a user whose ID they know.
Verified on the test system.
- duplicates
-
JRASERVER-1204 Security and validation of email & passwords
- Closed
- is duplicated by
-
JRASERVER-16592 New-account creation process fails to mask password in plain-text e-mail sent to new user
- Closed
-
JRASERVER-18279 EPIC FAIL: new user signups result in plain text email with all login details
- Closed
-
JRASERVER-10600 DON'T SEND PASSWORDS OVER THE INTERNET IN PLAIN TEXT!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- Closed
- is related to
-
JRASERVER-15122 Encrypt passwords sent from login portlet/page to server.
- Closed
- relates to
-
JRASERVER-15916 Check box in signup window
- Closed