Oh no! someone could send me an email confirming that I want to reset my password! Just like every other site out there that has a forgot password link.
They know their email and ID - so it's targeted. Without this information it is generic and easily spotted. Quoting your repository is a lot more personal and believable.
Additionally you can use the previous warning emails to really target somebody as one of the few that need "further recovery/security" steps. This is a security issue.
Additionally you can use the previous warning emails to really target somebody as one of the few that need "further recovery/security" steps. This is a security issue.