View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0008335 | mantisbt | security | public | 2007-09-05 20:51 | 2013-10-27 08:15 |
Reporter | vboctor | Assigned To | vboctor | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | duplicate | ||
Product Version | 1.2.15 | ||||
Summary | 0008335: Changing password should verify that user knows current password | ||||
Description | It is a common practice that when a user attempts to change his/her password, they have to confirm their knowledge of the current password. This protects against someone using the computer from changing passwords. This is specifically important with the Mantis being typically used with long sessions (i.e. cookies don't expire quickly or never expire). | ||||
Tags | No tags attached. | ||||