Lost Password Recovery WITHOUT username

Your code modifications and patches you want to share with others.
angelox
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Tue Jan 05, 2010 11:58 am

Re: Lost Password Recovery WITHOUT username

Post by angelox » Tue Jan 05, 2010 12:27 pm

thank you very muc,h benneh, for you hack :)

Emmel
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Tue Jun 22, 2010 1:09 pm

Re: Lost Password Recovery WITHOUT username

Post by Emmel » Thu Aug 05, 2010 9:31 am

ilumn8r wrote:In Joomla 1.5 they have addressed this problem, and actually added some additional functionality, it appears. The new "Lost Password" page reads:

Please enter the e-mail address for your account. A verification token will be sent to you.
Once you have received the token, you will be able to choose a new password for your account.

E-mail Address: [ ]

{Submit} (button)

Haven't tried this, to see what the "token" functionality is, but it sounds like a cool way to handle this.
Unfortunately you have to enter the token AND the username :(.

Of course, there's the possibility to send a username to an e-mail adress. But that's one step more without gain of security, so why not eleminate this step and send the username with the token-mail or remove the username field on the "enter-token-page"?

Does anyone know, if there's a way to configure or work around this?

Odda
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Fri Jun 12, 2009 11:01 am

Re: Lost Password Recovery WITHOUT username

Post by Odda » Mon Aug 23, 2010 11:26 am

I agree with Emmel, and think there must be an easier way to solve this. I've got quite a few responses from customers having problems with this, and I'm sure even more that haven't contacted me. This topic pops up also other places on the forum, but as far as I can tell with no proper solution or modul to solve it. Anyone...?


Locked

Return to “Core Hacks and Patches”