Details
-
Improvement
-
Resolution: Unresolved
-
Trivial
-
None
-
None
-
registry.larpp.internet2.edu
Description
It'd be neat to have an option for COmanage set a cookie during the registration process that is checked again on email validation. That would help prevent careless email forwarding. It could just be a random UUID or something.
This would also be a nice layer of protection against spear-phishing attacks originating from SMTP(can tell users to always expect forbidden if they didn't start the process).
Attachments
Issue Links
- is related to
-
CO-487 Account Linking Should Not Require Second Login
- Resolved