Secure password reset before authentication?
I have recently been considering the password reset flow for a site I’m working on. A request came up that before authentication, a user should have an option to change their password by providing:
Username
Current Password… Continue reading Secure password reset before authentication?