IntegraMOD

Home of phpBB Integrated Modifications
https://www.integramod.com/forum/

Security Not Emailing Password Reminder

https://www.integramod.com/forum/viewtopic.php?f=18&t=4562

Page 1 of 1

Security Not Emailing Password Reminder

PostPosted: Mon Jan 21, 2008 11:16 pm
Author: spaniel
Your phpBB Version: 2.0.
phpBB Type: Integramod 141
MODs: Yes
Your knowledge: Beginner

De.scription and Message

I forgot the password on a test account so i filled in the form to have it emailed to me and it gave me this somewhat strange message:

Due to safety reasons it is not possible to send a new password every 20 minutes. Please contact the administrator if you have trouble!



Thing is i've only asked it once to send me the password, not "every 20 minutes". And lo and behold, the email with the password hasn't arrived.

Re: Security Not Emailing Password Reminder

PostPosted: Tue Jan 22, 2008 10:12 am
Author: CaNNon
Looks like security had your account locked (to many tries) in a case like that it also locks the send new password for the same amount of time.

somewhat strange message


I agree there are a few places that wording isn't very helpful.

Re: Security Not Emailing Password Reminder

PostPosted: Tue Jan 22, 2008 10:57 am
Author: DjPorkchop
Nice catch. Maybe a trip to the language file for a re wording is in order.

PostPosted: Tue Jan 22, 2008 2:05 pm
Author: spaniel
But i'd reactivated the account and when i went into Admin it said that profile was active. <img>

Re: Security Not Emailing Password Reminder

PostPosted: Wed Jan 23, 2008 12:02 am
Author: CaNNon
I'm not convinced where your unlocking them has any influence on cracker tracker what so ever?

IF: CT locked then CT must unlock it?
I've never really been able to undo one before the time expired. I think CT is using it's own ban system to enforce this and not user admin system.

PostPosted: Wed Jan 23, 2008 6:18 am
Author: sanji
This problem is coming from ctracker, as there is the following line :
Code: Select all
$lang['ctracker_pwreset_info']   = 'Due to safety reasons it is not possible to send a new password every %s minutes. Please contact the administrator if you have trouble!';  


in the lang_cback_ctracker.php


On this [url=http]post[/url], there was a quick explanation on how to completely de-activate ctracker (just commenting 1 line). It could be worth to try to do this to confirm that this problem is coming from ctracker.

On how to fix it, I probably can't help as I removed it from my site and have no idea how to deal with it...

Although I would check in ACP / Ctracker / Parameters, where there is an option to block the sending of email requiring a new password "too often"...

sanji

Re: Security Not Emailing Password Reminder

PostPosted: Wed Jan 23, 2008 10:59 am
Author: CaNNon
It's CT for sure sanji. Checking the setup for control of it is a good idea.

Re: Security Not Emailing Password Reminder

PostPosted: Wed Jan 23, 2008 11:06 am
Author: CaNNon
I think it must be this one sanji.

in --> General Safety Features

Password Reset Period of Time
Period of time users may reset their password (in minutes)


The default on this is 20, It's the only one that looks close.
All times are UTC - 8 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/