You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current app (built from develop) rightly handles the third error but always says "This password is incorrect." even if username was not found.
I understand this can be privacy breach to tell if username was found or not, so I would like to have to get your input @dewall about how we should approach this issue. Also, we may need to change the server response if we use the information of existence of a username.
Simplest solution could be to simply show message: "Username or password was incorrect.".
I would like to work on this issue myself.
The text was updated successfully, but these errors were encountered:
Login error can be:
Current app (built from
develop
) rightly handles the third error but always says "This password is incorrect." even if username was not found.I understand this can be privacy breach to tell if username was found or not, so I would like to have to get your input @dewall about how we should approach this issue. Also, we may need to change the server response if we use the information of existence of a username.
Simplest solution could be to simply show message: "Username or password was incorrect.".
I would like to work on this issue myself.
The text was updated successfully, but these errors were encountered: