#4952 - Implement known password change URL
-
By Chris Graham
- Added
- 8 views
| Identifier | #4952 |
|---|---|
| Issue type | Feature request or suggestion |
| Title | Implement known password change URL |
| Status | Open |
| Tags |
Type: Security (custom) Type: Standards compliance (custom) |
| Handling member | Deleted |
| Addon | core |
| Description | W3C has made a spec for specifying a known URL to change a user's password.
It is designed to make it easier to do mass-password-changes after a user finds they are breached. https://w3c.github.io/webappsec-change-password-url/ Implement this as a simple redirect in recommended.htaccess. Update tut_webapp to reference the spec. |
| Steps to reproduce | |
| Funded? | No |
The system will post a comment when this issue is modified (e.g., status changes). To be notified of this, click "Enable comment notifications".
Comments
There have been no comments yet