[Koha-bugs] [Bug 8753] Add forgot password link to OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Nov 5 13:29:36 CET 2014
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8753
--- Comment #66 from M. de Rooy <m.de.rooy at rijksmuseum.nl> ---
(In reply to Liz Rea from comment #63)
> Comment 57, 2nd paragraph - when someone doing QA suggests mailing a
> cleartext password might be ok, it seems right to emphatically tell them
> "no, that's a bad idea."
Please keep it in context. Hope I do not intercept any undertone about QA work
here?
For completeness: I completely agree that sending password by mail is
theoretically very bad. However, we probably do not have a 100% safe solution
for this. So therefore in a pragmatic view the sensitivity argument etc.
And to add: As long as many OPACs are going over HTTP, we send the password
clear text all over the place..
But again, also comment 57 This approach is fine with me!
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list