Sites get hacked. We need to deal with that eventuality. I'm looking to solve two things:
a) Admin sets password for user (from command line), emails to user, user does not change the password. Someone gets access to email, the password is right there and it works. Since CKAN portals would have high visibility, this is an attack vector we'd need to think about. I'd say that the user would need to reset the password at first login.
b) The CKAN database has been exposed and made public. We've protected our passwords now, but I think it'd be useful to have a way for admins to delete everyone's password (and reset key) at one go and force users to click Forget Password to get a new password.
Thoughts about the best way to go about this? I'm going to spend some time working on this. I'm looking for concrete opinions and ideas on how this should proceed.
Can we just not email passwords? Create accounts with invalid passwords so that new users arrive at essentially a differently skinned version of the password reset page before logging in.
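The two ideas in this thread (accounts created with no usable password, and a one-shot wipe of every password and reset key) sketched as an added example; this is not CKAN code, and the `users` table, its columns, the `!` sentinel and all function names are assumptions made for illustration.

```python
import hashlib, hmac, secrets, sqlite3

UNUSABLE = "!"  # assumed sentinel: never a valid encoded hash, so no password verifies against it

def demo_db():
    db = sqlite3.connect(":memory:")  # constructed schema, not CKAN's
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT, reset_key TEXT)")
    return db

def hash_password(password, salt=None, iterations=100_000):
    salt = salt or secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{iterations}${salt.hex()}${dk.hex()}"

def check_login(db, name, password):
    row = db.execute("SELECT password FROM users WHERE name=?", (name,)).fetchone()
    if row is None or row[0] == UNUSABLE:
        return False  # unknown user and invalidated credential get the same answer
    iterations, salt, _ = row[0].split("$")
    candidate = hash_password(password, bytes.fromhex(salt), int(iterations))
    return hmac.compare_digest(candidate, row[0])

def create_user(db, name):
    # New account starts with no usable password, so nothing secret is ever emailed.
    db.execute("INSERT INTO users VALUES (?, ?, NULL)", (name, UNUSABLE))

def invalidate_all(db):
    # After a database leak: wipe every password and pending reset key in one transaction.
    with db:
        return db.execute("UPDATE users SET password=?, reset_key=NULL", (UNUSABLE,)).rowcount

def issue_reset_key(db, name):
    token = secrets.token_urlsafe(32)
    digest = hashlib.sha256(token.encode()).hexdigest()  # store only a digest of the token
    with db:
        db.execute("UPDATE users SET reset_key=? WHERE name=?", (digest, name))
    return token  # this value goes into the emailed reset link

def reset_password(db, name, token, new_password):
    digest = hashlib.sha256(token.encode()).hexdigest()
    row = db.execute("SELECT reset_key FROM users WHERE name=?", (name,)).fetchone()
    if row is None or row[0] is None or not hmac.compare_digest(row[0], digest):
        return False
    with db:  # the key is single use: cleared in the same statement that sets the password
        db.execute("UPDATE users SET password=?, reset_key=NULL WHERE name=?",
                   (hash_password(new_password), name))
    return True
```

Clearing `reset_key` together with the password matters in the leak case, because a reset key copied from the exposed database would otherwise still work after the wipe.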