Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

politeiawww: Password change bug. #1466

Open
degeri opened this issue Jul 22, 2021 · 1 comment
Open

politeiawww: Password change bug. #1466

degeri opened this issue Jul 22, 2021 · 1 comment
Labels
blocked bug A bug that made it into a production enviroment.

Comments

@degeri
Copy link
Member

degeri commented Jul 22, 2021

There is no check to ensure that the the "current password" and the "new password" are different when changing passwords. Ideally for a clean UX, the user should not be allowed to change the password to itself.

We can do this on the client side too. Not really an major issue.
@lukebp
Copy link
Member

lukebp commented Jul 22, 2021

We'll address this in the upcoming user layer rewrite that is part of the Pi 2021 Q3 proposal. Marking this as blocked for now.

@lukebp lukebp added blocked 91cfcc8 bug A bug that made it into a production enviroment. labels Jul 22, 2021
@lukebp lukebp changed the title politeia: no verification if current password does not match new password politeiawww: Password change bug. Jul 28, 2021
@amass01 amass01 mentioned this issue Jul 29, 2021
Merged
@lukebp lukebp removed the 91cfcc8 label Mar 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
blocked bug A bug that made it into a production enviroment.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lukebp @degeri