Open Bug 517473 Opened 15 years ago Updated 12 years ago

Add support for a security question that must be answered before users can reset/change their passwords

Categories

(Bugzilla :: User Accounts, enhancement, P4)

3.4.1
enhancement


People

(Reporter: reed, Unassigned)

Details

(Keywords: sec-want, Whiteboard: [sg:want][wanted-bmo])

It's way too easy right now just to hack somebody's e-mail account and request a password reset on the person's bugzilla account in order to get access to it. Bugzilla should support some type of security question that must be answered before password reset (or some other major change thing such as password reset or e-mail address change) is permitted.
Priority: -- → P4
Summary: Add support for a security question that must be answered before various operations are permitted → Add support for a security question that must be answered before users can reset their passwords
It's personally WONTFIX to me, not even P4. I don't see how you could hack someone else's account and get access to it.
(In reply to comment #1)
> It's personaly WONTFIX to me, not even P4. I don't see how you could hack
> someone else's account and get access to it.

All it requires is getting access to somebody's e-mail whether directly or by interception. That's generally not that difficult, especially if it's far easier to brute force somebody's e-mail account than it is Bugzilla (due to password brute force protection).
Summary: Add support for a security question that must be answered before users can reset their passwords → Add support for a security question that must be answered before users can reset/change their passwords
Whiteboard: [sg:want][wanted-bmo]
And how would the feature you are suggesting help?
(In reply to comment #3)
> And how the feature you are suggesting would help?

Because the attacker will have to know the answer to the security question in order to reset the user's password in order to gain access to the user's bugzilla account.
(In reply to Reed Loden [:reed] from comment #4)
> Because the attacker will have to know the answer to the security question

In most (all?) systems I know which use a security question, this is only needed when the user cannot remember his password. I think I have never been able to remember the answer to my security questions, because I assume I will never need them. Forcing the user to answer the security question when he already knows his password is really painful, IMO. Not something I want in the core code. Feel free to write an extension for it (and how do you do it for existing accounts?)