|
|
|
|
|
|
by merty
4992 days ago
|
|
|
I'm aware of the fact that this makes attackers' jobs easier. However, many websites (including Codecademy) tells you whether the email address you provided is registered or not, when you visit the Forgot Password page. If you are displaying a message such as: "If the email address you provided is registered, you will receive an email shortly." then I can actually believe that your main concern is security and that's what prevented you from displaying a clearer error message. Just added this at the end of the post for clarification. |
|
|