Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add 'This wasn't me' to reset password E-Mail #14543

Open
obendev opened this issue Jun 19, 2019 · 0 comments
Open

Add 'This wasn't me' to reset password E-Mail #14543

obendev opened this issue Jun 19, 2019 · 0 comments
Labels
c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github.
Milestone
Backlog (Help wan...

Comments

@obendev
Copy link
Contributor

obendev commented Jun 19, 2019

Hey, I thought of an option where you can click a link "This wasn't me" in the E-Mail which you get if someone tries to reset your password.
The IP of the attacker could be saved in the bruteforce table and be banned for the amount of time set globally in bruteforce settings.

If you can name me the files where I can see how an IP gets banned, I can also code this function myself.
Although im probably not able to code the E-Mail link.
@Findus23 Findus23 added the c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. label Jun 19, 2019
@mattab mattab added this to the Backlog (Help wanted) milestone Jan 21, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github.
Projects
None yet
Milestone
Backlog (Help wanted)
Development

No branches or pull requests
3 participants
@mattab @Findus23 @obendev