Skip to content
Snippets Groups Projects
Open Do not send "changed password" emails on password rehash
  • Do not send "changed password" emails on password rehash

  • Do not send "changed password" emails on password rehash

    Open Task created by Brendan O'Connor

    image.png

    With the feature flag enabled in non-production environments (including staging), when users logged in, they subsequently received emails indicating their passwords had been changed. Their passwords still worked for login, indicating that the password hadn't been changed, and prompting them to reach out to the Security team. A check of the staging database confirmed that the users' passwords were upgraded to WF 13, indicating that the email was a consequence of the change associated with the initial feature flag. Slack thread (internal) including user confusion.

    This issue: fix that. (Drew suspects, and I concur, that the fix is likely to use a lower-level function to do the new password save, but the proof is in the pudding proving that in code and then adding more tests.)

    Edited by Brendan O'Connor

    Linked items 0

  • Link items together to show that they're related or that one is blocking others.

    Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first