fishingfool Posted October 17, 2008 Share Posted October 17, 2008 Hello, Does anyone know how to remove the “forgotten your password” link on the Admin login page? I have searched and can not find any information on this. Is it even possible to do? Alternatively, is it possible to deactivate it from working if the login page is not editable? I ask this because of security worries. It’s a little too easy for someone to just start entering email addresses until they finally hit the correct one. The system does log the IP address and email it to you on a failed attempt, and that is great, but what if no one is monitoring the system and someone is attempting to access the admin area. Any input would be greatly appreciated! Thanks… 0 Quote Link to comment Share on other sites More sharing options...
bear Posted October 17, 2008 Share Posted October 17, 2008 It’s a little too easy for someone to just start entering email addresses until they finally hit the correct one. Even if they guessed the correct email address, it mails information to that address. What good would that do the person trying to gain access? 0 Quote Link to comment Share on other sites More sharing options...
fishingfool Posted October 17, 2008 Author Share Posted October 17, 2008 You make an excellent point. 0 Quote Link to comment Share on other sites More sharing options...
bear Posted October 17, 2008 Share Posted October 17, 2008 Just realized it doesn't create a temp password that will expire, it simply generates a new one and inserts it. Something of an annoyance if someone learns your email and decides to keep screwing with you. Going to post a feature request to see what Matt thinks. Thanks for bringing this up. 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.