[OFBIZ-11244] Remove the user login security question - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Implemented
Affects Version/s: Trunk
Fix Version/s: Upcoming Branch
Component/s: ecommerce, framework, party
Labels:
None

Description

After our discussion in dev ML at https://markmail.org/message/2dhc4al4adwgvl7z we will remove this feature. This Paul Foxworthy's remark is notably important:

Security is only as good as its weakest link ( https://www.schneier.com/essays/archives/2005/02/the_curse_of_the_sec.html) , and security questions can be a real weakness. Any organisation using OFBiz that really hates passwords could look at security keys from Yubico or the like.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending

Attachments

OFBIZ-11244-framework.patch
25/Feb/20 08:12
34 kB
Wiebke Pätzold
OFBIZ-11244-framework-correction.patch
17/Mar/20 09:35
0.9 kB
Wiebke Pätzold
OFBIZ-11244-plugins.patch
25/Feb/20 08:12
4 kB
Wiebke Pätzold

Activity

People

Assignee:

Michael Brohl

Reporter:

Jacques Le Roux

Votes:

0 Vote for this issue

Watchers:

5 Start watching this issue

Dates

Created:

08/Oct/19 08:17

Updated:

17/Mar/20 11:38

Resolved:

17/Mar/20 11:38