postfixadmin

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

History

Sylvain Tissot ffb84283c2 Harden password reset process The improvements are: - Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config - Redirect user to main page after password change using relative URL - Don't leak info whether user exists or has recovery info defined - Throttle password reset requests to prevent brute force attacks - Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled - Make database upgrade code compatible with other databases types - Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.		7 years ago
..
css	- add ability to choose activation date for vacation message in user module	15 years ago
images/calendar	- add some images	15 years ago
calendar.js	- add ability to choose activation date for vacation message in user module	15 years ago
edit-alias.php	use Config-class, check auth first, fixed redirect	8 years ago
index.php	remove "postfixadmin.com" in comments in lots of files	11 years ago
login.php	Harden password reset process	7 years ago
main.php	remove "postfixadmin.com" in comments in lots of files	11 years ago
password-change.php	Harden password reset process	7 years ago
password-recover.php	Harden password reset process	7 years ago
password.php	Add CSRF protection for POST requests	8 years ago
vacation.php	remove "postfixadmin.com" in comments in lots of files	11 years ago