g105b
commented
4 years ago This duplicates the functionality of #20
Open g105b opened 4 years ago
g105b
commented
4 years ago This duplicates the functionality of #20
g105b
commented
4 years ago Duplicates the functionality of #9
It will one day come up that a user has forgotten their authentication mechanism AND lost access to their email address.
It is then down to the discretion of the application administrator to validate the identity of the user, through whatever means necessary.
If the application administrator is sufficiently confident that the user's identity has not been compromised, they should be able to offer a new password and/or change the email address used to log on.
A huge warning is necessary to show the application administrator at this point!