No way to customize notice text
-
I need to be able to customize the text that shows up when a user tries to reset their password. It’s a pretty significant security issue that the message says something like “That username is not recognised.” or “An email has been sent. Please check your inbox.” since it allows potential attackers to enumerate accounts.
Can we either get the ability to edit the text that shows up, or it would also work if y’all could update it to something like “An email has been sent to the account if one exists.”
Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
- The topic ‘No way to customize notice text’ is closed to new replies.