Prevent user name/email leakage via the sign in form #5
Comments
|
The signup process is just very flawed on both the security and UX fronts. From the UX POV, it is just ridiculous to expect from a user to select unique user name without giving him any indication what might be available. Knowing that "admin" is taken do not help much. The correct flow should be to let the user register with his email only, than after the email is confirmed, generate an automatic one for him suggest to him to change it. It is still possible to enumerate user names in that kind of flow, but it is much easier to limit the number of such attempts, and it makes the process somewhat harder to automate. |
|
This is mostly solved as part of #187, what is left is to modify the error messages when someone tries to register a user with an already registered email. The proper way to resolve that situation is probably to treat it like a password reset event. |
…email address for which there is already an associated user, send a password reset email, and display the same message as if the user registration was successful #5
…er send a password reset to the email #5
related to #4
Sign in form is disabled by default, but if it is enabled people can use it to discover which user names/emails are in use on the site from the rejection messages.
The text was updated successfully, but these errors were encountered: