Subject: The mailing list for listmasters using Sympa
List archive
Re: [sympa-users] funnyness involving password resets
- From: David Verdin <address@concealed>
- To: Miles Fidelman <address@concealed>
- Cc: "address@concealed" <address@concealed>
- Subject: Re: [sympa-users] funnyness involving password resets
- Date: Thu, 02 Sep 2010 10:38:53 +0200
Hi Miles, Le 31/08/2010 02:43, Miles Fidelman a écrit : Of late, I've been having a funny problem with password resets.This is probably due to customized templates in your instance. These templates were not updated after you upgraded (Sympa never changes anything in customized files in etc or expl). So they still contain placeholders for the password. As of Sympa 5.4, the password are stored in a non reversible fashion (we store a MD5 hash). So the funny looking passwords your users receive are these MD5 hashes. Until recently I blamed administrators for keeping such out of date templates but a user of ours pointed that: 1- warning about the importance to update templates were not very visible, so it was easy to miss it; 2- We still made the password available to mail templates even though it was now pointless. So we will change the code (in the beta 7 or beta 8) to stop delivering passwords. One should not. If the link was not valid, then you should not be logged in after clicking it. These are one time tickets. So as soon as they have been clicked, you can't use them anymore. Could you please check that you did not have a valid session running prior to clicking the used link? Apart from this, everything seems to be working as it is intended to. Regards, David
--
David Verdin Comité réseau des universités Due to the limitations of human brain, I fail to remember all the mails. So if you want your bug reports or feature requests for Sympa to be processed, please post them to the Sympa tracker |
-
Re: [sympa-users] funnyness involving password resets,
David Verdin, 09/02/2010
-
Re: [sympa-users] funnyness involving password resets,
Miles Fidelman, 09/03/2010
- Re: [sympa-users] funnyness involving password resets, David Verdin, 09/03/2010
-
Re: [sympa-users] funnyness involving password resets,
Miles Fidelman, 09/03/2010
Archive powered by MHonArc 2.6.19+.