https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34612 --- Comment #2 from Lucas Gass <lucas@bywatersolutions.com> --- (In reply to Katrin Fischer from comment #1)
Hm, isn't this a security issue? We should not confirm existance or non-existance of the userid?
You mean when 'SelfCheckoutByLogin' is set to 'cardnumber'? I can see how that is problematic. But when it is set to 'username and password' we should be able to display a message saying your password/username combo is incorrect, right? This is a usability problem for users. It's pretty confusing for users to just see a screen flash with no indication of what is going wrong. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.