Author: lar
Description:
The system provides a way to reset a user password via email, which is goodness. But it can be used to annoy users, since anyone can request it from the login screen for any user. The IP of the requestor is tracked in the email.
Suggest that this IP also be tracked in a log accessible by CUs for the relevant wiki, per discussion on the CU list.
Version: unspecified
Severity: enhancement