Jump to content

Search the Community

Showing results for tags 'username'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Essentials
    • Announcements
  • Passwordstate 8.x
    • General Support
    • Feature Requests
    • Feature Requests - Completed
    • Known Issues
    • Installing Passwordstate
    • 3rd Party Hardware/Software Knowledge Forum
  • Knowledge Base
    • General FAQs
    • Password Resets
    • Remote Session Launcher
    • Mobile Client
    • Passwordstate API
    • Browser Extensions
    • Password Reset Portal
  • Passwordstate 7.x
    • General Support
    • Known Issues

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Google Plus Account


Location


Interests


Biography


Location


Interests


Occupation

Found 1 result

  1. Haven't seen this here yet, and please point me in that direction if a thread already exists, but I'd like to request a change to the error message that is displayed at the Self-Service Password Rest Portal. Currently, if you input a username that does not exist, you are told that the username was not found. This allows an attacker to enumerate valid accounts for your organization and proceed with related attacks against Security Questions, MFA options and other attack avenues. Could this be a more generic message that does not indicate whether an account is valid or not?
×
×
  • Create New...