[FEATURE] Ask for old password when changing
Following security best practices, a user should to be able to update his password only when giving the previous password. Currently no need to know the current password when changing it. Change-Id: Id0c52d8f7e0d06177c0e4f7076b71d5e6fbca466 Resolves: #35807 Releases: master Reviewed-on: http://review.typo3.org/10224 Reviewed-by:Markus Klein <klein.t3@reelworx.at> Tested-by:
Frederic Gaus <frederic.gaus@flagbit.de> Tested-by:
Nicole Cordes <typo3@cordes.co> Tested-by:
Helmut Hummel <helmut.hummel@typo3.org>
Showing
- typo3/sysext/rsaauth/Classes/Hook/UserSetupHook.php 2 additions, 0 deletionstypo3/sysext/rsaauth/Classes/Hook/UserSetupHook.php
- typo3/sysext/rsaauth/Resources/Public/JavaScript/rsaauth.js 10 additions, 5 deletionstypo3/sysext/rsaauth/Resources/Public/JavaScript/rsaauth.js
- typo3/sysext/rsaauth/Resources/Public/JavaScript/rsaauth_min.js 1 addition, 1 deletion...sysext/rsaauth/Resources/Public/JavaScript/rsaauth_min.js
- typo3/sysext/setup/Classes/Controller/SetupModuleController.php 34 additions, 11 deletions...sysext/setup/Classes/Controller/SetupModuleController.php
- typo3/sysext/setup/ext_tables.php 8 additions, 1 deletiontypo3/sysext/setup/ext_tables.php
- typo3/sysext/setup/mod/locallang.xlf 9 additions, 0 deletionstypo3/sysext/setup/mod/locallang.xlf
Please register or sign in to comment