Skip to content

Login form changes for lost password #749

robocoder opened this Issue May 30, 2009 · 5 comments

2 participants

  • error message (or redirect to Login screen) instead of a blank page when requesting a new password but user doesn't exist
  • "Remind password" is a misnomer for this button when it in fact sends a new password; change text to "Send Password Reset" and send email with link to a password reset form (see comment:5)
  • If sendmail isn't configured, it would be nice to include more validation before resetting passwords.
  • include IP address of requester in the email message

Third bullet item fixed in #815.

Piwik Open Source Analytics member
mattab commented Aug 13, 2009

Also (but probably not included in this ticket) we should not reset the password by default. Instead the email should contain a link to the piwik install that would then reset the password and show it to the user on the screen (or leave him change it see #526). Reset the password by default can be misused and annoy users.


In [1415], fixes #749 - Login form changes

  1. Lost password form now sends an email with reset instructions and link to a password change form instead of changing the password.
  2. Added password change form which requires input of a generated token (valid for 24 hrs).
  3. Fix $urlToRedirect handling; refactoring; phpdoc comments; minor reformatting

In [1418], refs #749 - fix redirect after install

@robocoder robocoder added this to the Piwik 0.4.4 milestone Jul 8, 2014
@robocoder robocoder self-assigned this Jul 8, 2014
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.