Skip to:
Content
Pages
Categories
Search
Top
Bottom

Profile Change Password – Require Existing Password

  • On the password confirm page on 1.2.4.1 (at url http://mybpurl.com/members/username/settings/) a logged-in user can change their password. This is excellent. The problem is, if a user is logged in on a publicly accessible computer (and forgets to logout) there’s a chance someone else could come around and set a new password.

    How can I require a user to enter their existing password before being able to create a new password?

Viewing 1 replies (of 1 total)
  • Avatar of Skyrie
    Skyrie
    Participant

    @skyrie

    I know this is an old thread, but this is exactly what I’m looking for. I’m surprised nobody has added this in a plugin yet, it’s kind of important security-wise.

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.