Our forgot password tokens are stored in plain text (oops).
This ticket was inspired by this article:
https://paragonie.com/blog/2016/09/untangling-forget-me-knot-secure-account-recovery-made-simple
This ticket was inspired by this article:
https://paragonie.com/blog/2016/09/untangling-forget-me-knot-secure-account-recovery-made-simple
- relates to
-
GTWY-4750 Expire All Valid Forgot Password Tokens on Successful Password Reset
-
- Done
-