Security issue: changing password shouldn't be this easy

Question

Security issue: changing password shouldn't be this easy

devmuhnnad opened this issue a year ago · comments

Muhnnad Habib commented a year ago

Hello, thank you for this incredible project ❤️

Issue Type: Security

current behavior:

Currently, users have the ability to change their passwords easily by navigating to the settings section.

Expected behavior

Users should not be able to change their password unless they provide their old password or receive a code via email for verification. This additional security measure will prevent unauthorized password changes and enhance user account protection.

Thank you for addressing this security concern promptly. If you need any further information or clarification, please feel free to ask.

PART OF GTC OPEN SOURCE INITIATIVE

Praveen kusuluri · Answer 1 · Mon Aug 28 2023 11:30:59 GMT+0800 (China Standard Time)

Can I work on this issue?