On Oct 27, 2009, at 12:33 AM, Nick Retallack wrote:
> >> It looks like these issues are direct result of the fact it is >> possible to create multiple password resets keys for the same e-mail >> address. Though I think we should additionally add the reset=False on >> save to allow the database to serve as record of password resets. > > Technically it's because there are multiple identical reset keys, > caused by hashing the same data. The fact that multiple emails are > sent out doesn't seem like such a problem. But the fact that they're > supposed to contain different keys, yet in fact contain the same ones, > is problematic. Which as I've said in my first e-mail responding to the original message is something I want to see solved. > Also, is there any reason why it keeps the old resets around and just > sets reset=True? Of what use is this information? Auditing? And > what should happen if there are two valid password reset keys out > there and you use one? I think the other one should be deleted, at > least. I mean, that's a nasty security hole to leave open if you > don't. Yes, auditing is handy. However, you bring up a valid point. We should definitely delete them. It'd actually be better of us to also generate unique hashes per request. Unfortunately, now doing multiple successful password resets is problematic. Though a separate issue from invalidation. Brian Rosner http://oebfare.com http://twitter.com/brosner --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Pinax Core Development" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/pinax-core-dev?hl=en -~----------~----~----~----~------~----~------~--~---
