Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New login password is reset if there are any invalid fields in the form. #167

Open
sebleedelisle opened this issue Jun 20, 2015 · 3 comments
Open

New login password is reset if there are any invalid fields in the form. #167

sebleedelisle opened this issue Jun 20, 2015 · 3 comments

Comments

@sebleedelisle
Copy link
Contributor

Would be nice if the password wasn't reset. It's a bit annoying. Also same with the photo. :)
@mikestreety
Copy link
Contributor

I believe this is a security hole if you do send the password back 😄

http://ux.stackexchange.com/a/20447

@sebleedelisle
Copy link
Contributor Author

Yeah I was imagining a solution like the one outlined in that answer :

"If server-side validation fails, store the hashed password in a session variable and set the password field's value to something like ******** (literally, 8 asterisks). When the form is resubmitted with password ********, use the stored password, otherwise use whatever was submitted (in the unlikely event the user decided to change their password before resubmitting)."

@mikestreety
Copy link
Contributor

Ah, makes sense! I originally read that completely differently

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sebleedelisle @mikestreety