#5294 closed defect (invalid)
"Forgot password" should require EITHER email or username, not both
Reported by: | teo8976 | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | trac |
Version: | unspecified | Keywords: | |
Cc: | Blocked By: | ||
Blocking: | Reproduced by developer: | no | |
Analyzed by developer: | no |
Description (last modified by )
At https://trac.ffmpeg.org/reset_password
you are required to enter your username AND email.
That's retarded.
If you forget your username, you are fucked. If you remember your username but are not sure which email you used, you are fucked.
Decent sites either let you enter whichever you want, or they only require the email (the former option is obviously better).
Change History (4)
comment:1 by , 8 years ago
Description: | modified (diff) |
---|---|
Resolution: | → wontfix |
Status: | new → closed |
comment:2 by , 8 years ago
Resolution: | wontfix → invalid |
---|
comment:3 by , 18 months ago
Fwiw: https://trac-hacks.org/ticket/10762 and newer related duplicates.
comment:4 by , 18 months ago
If you forget your username, you are fucked
Balling is my username, how am I fucked? I can just look into this post. Or email from trac. There you can see your email. The probelm is many use the email that they later use to sign-off-by on commits, that emails and public username kinda makes it still simple to create a DOS attack.
It is rather common on some services to require user name instead of email. Wikipedia. Or windscribe.
You can file a ticket against Trac's AccountManagerPlugin, which we use for account management. There are multiple reasons for this redirection: