Skip to main content

Cookie settings

We use cookies to ensure the basic functionalities of the website and to enhance your online experience. You can choose for each category to opt-in/out whenever you want.

Essential

Preferences

Analytics and statistics

Marketing

Changes at "Change "change password" process to make user retype current password"

Avatar: Antoine Billard Antoine Billard

Title

  • +{"en"=>"Change \"change password\" process to make user retype current password"}

Body

  • +["

    Is your feature request related to a problem? Please describe.
    If a user has a session open, anyone can change their password without typing current password.

    Describe the solution you'd like
    In the change password request, either have the mandatory field 'current password' to avoid any identify theft

    Describe alternatives you've considered
    Change password via Mail link ?

    Does this issue could impact on users private data?
    Yes , if shared computers or opened sessions, their password can be changed.

    Funded by
    No funding available

    "]

Confirm

Please log in

The password is too short.

Share