Page MenuHomePhabricator
Create Task
Maniphest T16630

Log password email reset requests in the CU log
Closed, ResolvedPublic
Actions

Description

Author: lar

Description:
The system provides a way to reset a user password via email, which is goodness. But it can be used to annoy users, since anyone can request it from the login screen for any user. The IP of the requestor is tracked in the email.

Suggest that this IP also be tracked in a log accessible by CUs for the relevant wiki, per discussion on the CU list.

Version: unspecified
Severity: enhancement

Details

Reference
bz14630

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 10:09 PM
bzimport added a project: CheckUser.
bzimport set Reference to bz14630.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Jun 24 2008, 3:00 PM
bzimport added a comment.Jun 24 2008, 4:00 PM

FT2.wiki wrote:

Confirming the discussion and supporting the request.

bzimport added a comment.Jun 24 2008, 5:58 PM

brian.mcneil wrote:

I fully support this, there won't be a huge amount of use for it but if there's "requested password for xxx" in the CU log it will reveal abusers.

Alison added a comment.Jun 24 2008, 6:34 PM

This would definitely be useful. As checkuser, I also get a large number of these on a good day.

bzimport added a comment.Jun 24 2008, 7:21 PM

jeffq wrote:

Can we do this in a way that primarily tries to reduce the abuse? Perhaps we could include a statement in the web page, either before or after the reset request is made, that this request will be/has been logged in a manner accessible only by [[m:CheckUser policy|checkusers]], who are required to protect the privacy of requests but may review the log for abuse. In other words, nothing more than what people should expect webmasters to do, but a clear message to those who use this only to abuse. As a checkuser myself, I'll take the discovery tool, but would prefer prevention.

bzimport added a comment.Jun 24 2008, 8:19 PM

nicdumz wrote:

Suggesting a new hook at the end of SpecialUserlogin::mailPassword.

This hook would need imo $u as a parameter (the user that just got its password reset), and a reference to a String, the message to display instead of wfMsg('passwordsent' ...), if the hook returns true. This would allow the preventive message suggested in comment #4 to be displayed.

How does it sound ?

aaron added a comment.Aug 12 2008, 11:56 PM

Since this would only be marginally useful, given that the IP is in the spam emails, I'm not sure if this is worth implementing.

bzimport added a comment.Aug 13 2008, 12:04 AM

lar wrote:

see comments 1-4 as to why this is useful, and more than marginally... the IP in the email means that different people have to figure out who they should talk to. Logged, its easy to see a pattern of abuse. Maybe this should be debated on the CU list but the request was made after multiple CUs said it would indeed be useful and multiple CUs supported it after that.

aaron added a comment.Aug 13 2008, 12:10 AM

Yes, I saw the comments, but no rationale.

siebrand added a comment.Aug 13 2008, 6:18 PM

Rationale is that in case of account stealing a recently logged password reset request per e-mail is very relevant.

aaron added a comment.Aug 14 2008, 12:50 AM

Done in r39322. Will be discussed some before in enabling.

MarcoAurelio moved this task from General / Unsorted to Done on the CheckUser board.May 9 2016, 9:02 AM
Restricted Application added a subscriber: JEumerus. · View Herald TranscriptMay 9 2016, 9:02 AM
MarcoAurelio removed a subscriber: wikibugs-l-list.May 9 2016, 9:07 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL