Recovering password

[nilshoerrmann]

It seems like Members is not able to generate recovery codes for members that have no password stored. I stumbled upon this when working on a site where we added the password field to our members section after importing a long list of members. As a consequence the corresponding table tbl_entries_data_ doesn't contain any values for the imported members.

Everything works fine when I set passwords for these members (which is not funny with a few hundred Members in the section). In my eyes Members should handle this case automatically by creating the missing entry in the table.

[michael-e]

When importing members, I'd always try and create random passwords. It feels strange to have members without passwords.

But the question is if the Members extension can/should handle this gracefully. Probably yes — but the issue might not be limited to recovery codes.

Have you tried to log in, for example? What happens?

[nilshoerrmann]

Have you tried to log in, for example? What happens?

That's not possible as empty passwords are not accepted.

[michael-e]

I mean "does anything break badly"? Or is it simply impossible to login (which I would consider the right behaviour).

[nilshoerrmann]

The latter: Members throws an error that the password is invalid/missing.

[michael-e]

OK, so it does not handle this case gracefully.

[nilshoerrmann]

Which behaviour would be correct in your eyes instead of throwing password/@type = 'missing'?

[michael-e]

But the question is: Should it be possible to have Members without passwords? If we allow to log in using an empty password (i.e make this a supported feature), this might be a big security flaw. So either we say "a password (field) is always required" if Members fields are used for members functionality, or it will mean a lot of work to handle all those exceptions.

This is a hard question, and I'd like to hear @brendo's thoughts on the matter. (I couldn't say today, cause I have already been in a German beer garden.)

[nilshoerrmann]

I'm only starting to use Members, but here is what I would have expected:

• Member should always require a password (which it does right now).
• So in the case that Members cannot find a password, I'd expect it to refuse to login (which it already does).
• But I expected that Members treats missing passwords the same way as lost password by offering a way to (re)set it from the frontend.

That's why I was confused that recovering a password wasn't possible if no password was set before. Members didn't throw an error in this case it was just leaving out the recovery code in the XML.

The thing is that the way Symphony works it's likely possible that you have Members without password (Members allows sections without password fields) so it should handle this somehow.

[michael-e]

Yep, that sounds very reasonable to me.

[brendo]

Likewise