- First commit to issue fork.
- last update
12 months ago 29,565 pass - Status changed to Needs review
12 months ago 7:03am 30 June 2023 - last update
12 months ago 29,566 pass - ๐จ๐ฆCanada Charlie ChX Negyesi ๐Canada
Serving as the Ghost of Drupal Past, as I am sure everyone remembers ;) Josรฉ added this not long ago ;) in #18719: Request New Password Security โ with a little dabbling from me but even I can't recall the reason for no timeout on first login. Re-reading the issue, it was introduced in #14 but there's no reasoning given. Considering some use cases here... for example you might be registering on an event website months ahead, get a link and never bother to go through with the actual account creation until the event comes. if we consider this a valid use case then maybe we should add instructions on how to obtain a fresh reset link -- AFAIK currently the only way in the web UI is to visit user/reset, enter the username and click... so maybe we should consider adding username prefill functionality to the user reset page and add instructions to the initial user mail?
- Status changed to Needs work
12 months ago 11:58pm 2 July 2023 - ๐บ๐ธUnited States smustgrave
This seems like something that could use an issue summary update.
Is the same approach from 3 years ago still desired?
- last update
6 months ago 25,746 pass, 1,791 fail