Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Email notification upon password change #673

Closed
jholdstock opened this issue Jan 22, 2019 · 1 comment · Fixed by #680
Closed

Email notification upon password change #673

jholdstock opened this issue Jan 22, 2019 · 1 comment · Fixed by #680

Comments

@jholdstock
Copy link
Member

@jholdstock jholdstock commented Jan 22, 2019

An email notification should be sent when the password on an account is changed.

One example for why this is important - presently somebody may leave their account logged in on an unattended machine with their password saved in their browser auto-complete. A malicious actor could change the password on the account without the account holder being aware that their account has been compromised.

Sending a notification upon password change is a standard security practice implemented by many websites - it does not prevent this scenario, but it does at least inform the account holder that their account is compromised.

(This is a suggestion from a report submitted to https://bounty.decred.org)

@thi4go
Copy link
Member

@thi4go thi4go commented Jan 22, 2019

I'll work on this!

vibros68 pushed a commit to vibros68/politeia that referenced this issue Aug 17, 2021
* allow node function to check if link is valid when typing

* url validator

* added url validator for malformed links

* removed broken methods

* fix validation error on regular inputs

* added proposal link validator on sumbit proposal

* fixed errors

* fixed error when typing valid urls

* removed console.logs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

2 participants