jrob8577
commented
7 years ago I'd rather just display an ambiguous error - it's bad form to tell a hacker that an email exists in the system
Open EthanJStark opened 7 years ago
jrob8577
commented
7 years ago I'd rather just display an ambiguous error - it's bad form to tell a hacker that an email exists in the system
A user can currently register using an email that is already in the database.
I'd expect that user to be prompted with "User exists! Sign in? Or did you forget your password again?"