Last modified: 2008-08-14 00:50:39 UTC
The system provides a way to reset a user password via email, which is goodness. But it can be used to annoy users, since anyone can request it from the login screen for any user. The IP of the requestor is tracked in the email. Suggest that this IP also be tracked in a log accessible by CUs for the relevant wiki, per discussion on the CU list.
Confirming the discussion and supporting the request.
I fully support this, there won't be a huge amount of use for it but if there's "requested password for xxx" in the CU log it will reveal abusers.
This would definitely be useful. As checkuser, I also get a large number of these on a good day.
Can we do this in a way that primarily tries to reduce the abuse? Perhaps we could include a statement in the web page, either before or after the reset request is made, that this request will be/has been logged in a manner accessible only by [[m:CheckUser policy|checkusers]], who are required to protect the privacy of requests but may review the log for abuse. In other words, nothing more than what people should expect webmasters to do, but a clear message to those who use this only to abuse. As a checkuser myself, I'll take the discovery tool, but would prefer prevention.
Suggesting a new hook at the end of SpecialUserlogin::mailPassword. This hook would need imo $u as a parameter (the user that just got its password reset), and a reference to a String, the message to display instead of wfMsg('passwordsent' ...), if the hook returns true. This would allow the preventive message suggested in comment #4 to be displayed. How does it sound ?
Since this would only be marginally useful, given that the IP is in the spam emails, I'm not sure if this is worth implementing.
see comments 1-4 as to why this is useful, and more than marginally... the IP in the email means that different people have to figure out who they should talk to. Logged, its easy to see a pattern of abuse. Maybe this should be debated on the CU list but the request was made after multiple CUs said it would indeed be useful and multiple CUs supported it after that.
Yes, I saw the comments, but no rationale.
Rationale is that in case of account stealing a recently logged password reset request per e-mail is very relevant.
Done in r39322. Will be discussed some before in enabling.