Changing license setting may set password to empty
|Reported by:||sazius||Owned by:|
I encountered this because I've set my web browser (Iceweasel/Firefox 21) to store my MediaGoblin password and automatically fill it in when it deems appropriate.
Steps to reproduce
- Go to "Change account settings".
- Web browser automatically fills in "Old password" field, but leaves "New password" field empty (user that only wishes to change license setting will not notice this as it happens automatically).
- Change license setting if you want (this seems to be optional).
- Press "Save changes."
- Log out and try to log in again: your old password doesn't work, the new password is the empty string. (Can be confirmed e.g. by trying to login with the piwigo plugin which allows empty password to be entered.)
The change account settings dialog should either warn of empty password, or simply assume the user does not wish to touch the password if it is left empty. (As was my case.)
Change History (5)
comment:2 by , 10 years ago
|Status:||in_progress → review|