Opened 9 years ago
Closed 8 years ago
#1421 closed defect (bug) (invalid)
The "forgot?" link should go to "Lost your password?" form
Reported by: | SergeyBiryukov | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Component: | Login & Authentication | Keywords: | |
Cc: |
Description
- Go to https://wordpress.org/support/.
- If you're logged in, log out.
- The "forgot?" link in the header goes to the bbPress login form, which redirects to login.wordpress.org form.
- It should go directly to Lost your password? form, without requiring one more click.
Additionally, both "forgot?" and "Register" links in bbPress header are non-SSL.
Change History (6)
#2
@
9 years ago
- Resolution invalid deleted
- Status changed from closed to reopened
Forgot and register links changed to SSL in bb-theme/wporg/login-form.php.
#3
in reply to:
↑ 1
;
follow-up:
↓ 4
@
9 years ago
Replying to Otto42:
No, it should not go directly to the link, actually. The redirect is intentional.
I didn't mean the redirect should be eliminated, I meant it should redirect to the correct place.
When I click the "forgot?" link in a login form, I expect to see a password reset form, not yet another login form.
#4
in reply to:
↑ 3
@
9 years ago
Replying to SergeyBiryukov:
I didn't mean the redirect should be eliminated, I meant it should redirect to the correct place.
When I click the "forgot?" link in a login form, I expect to see a password reset form, not yet another login form.
Yes, I see now.
The problem here is that the older bbPress does not really draw a distinction between the two cases like WordPress does.
Think this might be one of the things that waits for the upgrade.
No, it should not go directly to the link, actually. The redirect is intentional.
The SSL thing I can see either way, but the redirect is there to reduce the change and impact upon external links to those pages, as well as to cover cases we might miss internally.
The unified login is replacing lots of different pieces. We need to make sure we cover all cases.
There is a valid argument that it should redirect to the lostpassword case, but in any case, it should be a redirect, not a direct link.