‘No Account for That Email Exists’ Warning

eTool Features Requests ‘No Account for That Email Exists’ Warning
0
4 years ago
Fei
declined1
Motivation (why we need this feature): so that users that don't realise they haven't created an account are directed to the correct route for setting up., Which regions need the feature?: Global, Which projects types does the feature support?: Buildings, Infrastructure, Fit Outs, Landscaping, Which ratings systems require the feature?: N/A,

I just tested the password reset function with a fake email address and it still notified me that an email was sent. It would be better if it actually checked if such an account existed so that users realise they need to create an account first. Perhaps a button to ‘create new account’ as well with the warning?

One Comment

  1. Richard Haynes

    Hi Fei,

    Unfortunately this is by design and is a security requirement. The penetration test we ran in 2018 identified the ability of bad actors to determine valid vs invalid email addresses when the system gave different warnings based on the user having an account or not. So for now we’ll have to close this one.

    Rich

Leave A Comment?

You must be logged in to post a comment.