Solved When a new user is created by email and password not set...

peopleinside

Hi,
a question to developers:

When a new user is created because an email reach the email address that open a ticket (new ticket and new customer creation by email) and user has not yet set a password, will be impossible access to tickets by the web interface?

For security I'm sure is not possible but I'm asking: the new user created will have a random secret password that prevent access to hi tickets or simply the password filed is empty in the database and so no password will be accepted from UI until user never set a password?

Thanks for answer to this curiosity.
Thanks again for the amazing open source!

Sanjeev

@peopleinside

User can not login to their account without setup their password.

peopleinside

@peopleinside I see that when a new user is created from a new ticket there is no password in the database so the reply is: no password is set.

The question is: is this safe, will be impossible to login in the UI without user has set a password?
I think the reply is yes but will be nice to have a confirmation from developers, also if obvious... because don't think there is a such hole in UVdesk.

Is nice to know all work in security and from my test seems all fine.

Sanjeev

@peopleinside

User can not login to their account without setup their password.

peopleinside

@sanjeev thanks for the feedback and good morning happy week!