(Security) Account restore

Registered by Lars Helge Øverland on 2012-11-04

It should be possible to restore the password for a user account. Whether to allow account restore should be configurable as a system setting. The system should feature a recovery form where the user can enter his username. Instructions should then be sent to the email account which the user registered for his account. The system should send two emails to the user's account. The first email should provide a link to a restore form with a 50 character random code embedded, which should be verified before the user can access the restore form. The other email should provide a random 15 character code which must be entered in the restore form. This to prevent from email sniffing attacks. There should be a time limit of 1 hour for the user to complete the restore.

There should be certain restrictions for whether the account restore should go through: 1) Account restore must be enabled through the system setting. 2) The user account must have a valid email associated with it. 3) If the user account has critical authorities, like scheduling, system settings or data administration, it should be denied restore. 4) If the user attempts to restore after the 1 hour deadline the restore should be denied.

The restore form should require the user to enter the code sent in the second email, a new password and a confirmation of the new password. If the code is valid and the passwords match, the user account should be updated with the new password. The user should be provided with a link back to the regular login form.

Blueprint information

Status:
Complete
Approver:
Lars Helge Øverland
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
Lars Helge Øverland
Definition:
Approved
Series goal:
Accepted for trunk
Implementation:
Implemented
Milestone target:
milestone icon 2.10
Started by
Lars Helge Øverland on 2012-11-04
Completed by
Lars Helge Øverland on 2012-11-04

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.