You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently there is the ability to send unlimited password reset requests in a short space of time.
This is a potential point of exploit and should probably be fixed.
I think a reasonable limit would be 5 minutes between activations of this requests.
Also, I think it's worth moving the pop up message to just above the request box so it's easier to see. It can be easily missed at the bottom of the screen on a light-mode interface: "If the address you've entered is correct, you should now receive an email with instructions"
Cheers
The text was updated successfully, but these errors were encountered:
Currently there is the ability to send unlimited password reset requests in a short space of time.
This is a potential point of exploit and should probably be fixed.
I think a reasonable limit would be 5 minutes between activations of this requests.
Also, I think it's worth moving the pop up message to just above the request box so it's easier to see. It can be easily missed at the bottom of the screen on a light-mode interface: "If the address you've entered is correct, you should now receive an email with instructions"
Cheers
The text was updated successfully, but these errors were encountered: