When someone wants to change his / hers password in the profile edit page he / she fills in the new password and confirms it. However it would be better if he / she fills in the current password either. If that's not right, the new password isn't set.
This is on every site, but not as default in Dolphin. Strange...
The reason that we want this is that it might happen that someone logs in in a public place. Forgets to log out and that everyone could change the password etc.
Is there a way to achieve this?
Current password at Profile edit page
 |
This is a good point. Another reason most sites verify it is to prevent attacks that use session hijacking or man in the middle attacks. BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin |
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.
The new Dolphin solution is powered by UNA Community Management System.