View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0020816 | mantisbt | authentication | public | 2016-04-17 12:16 | 2016-06-12 00:42 |
Reporter | cproensa | Assigned To | dregad | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 1.3.0-rc.1 | ||||
Target Version | 1.3.0-rc.2 | Fixed in Version | 1.3.0-rc.2 | ||
Summary | 0020816: user verification / password reset allows setting of empty password | ||||
Description | On account verification, or password reset, when the user is prompted for a new password, a blank password is allowed to be entered This may happens on two situations:
This situation is aggravated if the activation link was expired of first use | ||||
Tags | No tags attached. | ||||