Open watery opened 6 years ago
I've been using forgotten password without security questions for years. Looking at PwmConfiguration.xml did not show how exactly I configured the thing as most settings were at default. But in any case the forgotten password module asks for the username first, then the registration email address. The address is not stored as a security question, but is taken directly from LDAP. I think there's an option in Pwm forgotten password module which allows you to select which LDAP attributes it will query from the user before sending the recovery token.
Actually I removed all form fields and I'm only asking for the email address, I'll try to enable the username and see what happens, thanks.
Hello, this may be due to a misconfiguration on my side, of course: I'm getting that if I disable the security questions, I can register, login, etc, but I cannot recover my password because the forgotten password function requires the security responses to be set before completing the recovery process.