Open Bug 1935834 Opened 10 months ago Updated 10 months ago

Email change message sent to old address is confusingly similar to that sent to the new one

Categories

(Bugzilla :: User Accounts, defect)

Product:
Bugzilla
Component:
User Accounts
Type:
defect

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: ncts, Unassigned)

Details

Steps to reproduce:

Change email address

Actual results:

Two emails were sent, one to the old address and one to the new address.

Email to the old address:

Subject: {instance} Change Email Address Request

{instance} has received a request to change the email address
for your account to {new_address}.

If you are not the person who made this request, or you wish to cancel
this request, visit the following link:

{instance_url}/token.cgi?t={cancel_token}&a=cxlem

If you do nothing, and {new_address} confirms this request,
the change will be made permanent after 3 days
(on {date}).

Email to the new address:

Subject: {instance} Change Email Address Request

{instance} has received a request to change the email address
for the account {old_address} to your address.

To confirm the change, visit the following link:

{instance_url}/token.cgi?t={confirm_token}&a=cfmem

If you are not the person who made this request, or you wish to cancel
this request, visit the following link:

{instance_url}/token.cgi?t={cancel_token}&a=cxlem

If you do nothing, the request will lapse after 3 days
(on {date}).

Their templates are confusingly similar. Effectively nothing signals their difference. The subject does not, and difference of the bodies are not necessarily significant. People are used to confirmation emails with, well, a confirmation link, and don't necessarily read the body. If that to the old one first arrived, it's likely that the link in it, which is to cancel the change, is clicked.

Expected results:

Have different subjects like:

  • To old address: "Verify Email Address Change (Away From This One)"
  • To new address: "Confirm Email Address Change (To This One)"

Nice to have: have similar wording in the first paragraph, probably capitalized, e.g.

{instance} has received a request to change the email address
for your account AWAY FROM THIS ONE to {new_address}. The link below is to CANCEL the request.
You need to log in before you can comment on or make changes to this bug.