Add 'This wasn't me' to reset password E-Mail #14543
Labels
c: Security
For issues that make Matomo more secure. Please report issues through HackerOne and not in Github.
Milestone
Hey, I thought of an option where you can click a link "This wasn't me" in the E-Mail which you get if someone tries to reset your password.
The IP of the attacker could be saved in the bruteforce table and be banned for the amount of time set globally in bruteforce settings.
If you can name me the files where I can see how an IP gets banned, I can also code this function myself.
Although im probably not able to code the E-Mail link.
The text was updated successfully, but these errors were encountered: