Password Reset in Sumo Account

RESOLVED INCOMPLETE

Status

RESOLVED INCOMPLETE
3 years ago
2 years ago

People

(Reporter: kapalawai.sandeep.sandeep, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

3 years ago
While we  forgot our password , here we will use  password reset link.But even though it should validate email id

Updated

3 years ago
Component: General → Users and Groups
Product: Firefox → support.mozilla.org

Comment 1

3 years ago
Can you explain the problem? https://support.mozilla.org/users/pwreset needs the email address.
Flags: needinfo?(kapalawai.sandeep.sandeep)
(Reporter)

Comment 2

3 years ago
The password reset  is not validating the email id .Please make sure  to validate while we use this facility.
Flags: needinfo?(kapalawai.sandeep.sandeep)

Comment 3

3 years ago
I don't understand what you mean, obtain the verification link from the email = verified. It seems to be no necessary to enter the email address when reset password.
(In reply to sandeep from comment #2)
> The password reset  is not validating the email id .Please make sure  to
> validate while we use this facility.

Are you suggesting that we validate that the email put into the form is a valid email linked to an account, and should display an error if the email as input doesn't match an existing account?

This is a common thing some sites do, but it's a privacy leak, as it lets you confirm if someone has a SUMO account by putting in their email and seeing whether you get the validation error or not. That's why we intentionally show the same message even if you put in an invalid email; so as not to leak info about who has a SUMO account.
(Reporter)

Updated

3 years ago
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → INVALID
(Reporter)

Updated

3 years ago
Resolution: INVALID → WORKSFORME

Updated

2 years ago
Resolution: WORKSFORME → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.