Bug #8583
[0001009] : Admin - FORCE CHANGE PASSWORD - Password Reset Activation Link Can Be Reused
Status: | Work Completed-End life cycle | Start date: | June 04, 2018 | |
---|---|---|---|---|
Priority: | Normal | Due date: | June 06, 2018 | |
Assignee: | Erni Suhaireen Zulkifli | % Done: | 100% | |
Category: | - | Spent time: | - | |
Target version: | - |
Description
1. Issue Description
User is able to reuse reset password link
2. Expected Results
The previous reset password link should be invalid once new password reset link has been established
3. RIsk / Impact
Invalid session activation
4. Ref
WPTC#1315
5. Steps To Reproduce ++
1. Maker04@admin.my reset user password
2. Checker07@admin.my approve the request
3. effiechecker@paynet.my open the reset password link and change the password
4. Repeat step 1 and 2
5. effiechecker@paynet.my received another reset password link but did not click this link but click the link in step 3
6. Able to change the password
History
#1 Updated by Erni Suhaireen Zulkifli over 6 years ago
Reported issue has been retest and successfully replicated. Kindly proceed to fix on this issue.
#2 Updated by Ngoh Chee Onn over 6 years ago
- Status changed from New - Begin Life Cycle to Finished Development
- Assignee changed from Ngoh Chee Onn to Erni Suhaireen Zulkifli
Hi Erni,
This case should be enhancement, because no requirement mentions disable previous reset activation link. Enhancement had been done, please test again after deployment.
Thank you.
#3 Updated by Erni Suhaireen Zulkifli over 6 years ago
- Status changed from Finished Development to User Acceptance Test
- % Done changed from 0 to 100
Issue has been tested and successfully passed.
This issue is currently send for user testing.
#4 Updated by Siti Norahayu Mohd Desa over 6 years ago
- Status changed from User Acceptance Test to Work Completed-End life cycle
The following issue has been RESOLVED and closed by Effie on 7/6/18