Jump to content

Suggestion: limit on password recovery


Guest ErwinB

Recommended Posts

Posted

Hello,

I just have a suggestion about the password recovery feature. Actually, whan you want to get a new password, you're set as 'validating' and an e-mail is sent.
The problem is: if the member who asked for a password recovery don't receive the mail or don't follow the instructions, he remain as validating. Actually w have something like 258 records in ibf_validating about this.

So, I suggest, to keep this table clean and for security, to allow the admin to set a limit for the recovery. If the member don't follow the instructions after x days, the account is locked or put back as an active member, and the entry in ibf_validating deleted. Because actually, the admins aren't able to manage this validating case and they are password recovery links still active since a long time - which can be a risk if someone read the mail instead of the account owner.

So I'd like to be able to set a limit to this, if nothing is done after X days, the recovery is cancelled and the validating deleted.

Posted

Because actually, the admins aren't able to manage this validating case and they are password recovery links still active since a long time -

which can be a risk if someone read the mail instead of the account owner

.


Yes, I am worried about these despicable creatures too. These virmins get into other peoples board and do stuffs that they have no right to do. Your feature is very useful and I hope it gets implemented. :)

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...