Diffstat (limited to 'yuck.mdwn')
-rw-r--r-- yuck.mdwn 7
1 files changed, 7 insertions, 0 deletions
diff --git a/yuck.mdwn b/yuck.mdwn
index 135c6ce..08bf0ad 100644
--- a/yuck.mdwn
+++ b/yuck.mdwn
@@ -163,6 +163,13 @@ reference in discussions.
* (PRIVACYSTORE) Yuck MUST NOT store personal information it does not
need.
* (PRIVACYLEAK) Yuck MUST NOT leak personal information.
+* (PWRESET) Yuck MUST support the user resetting their password,
+ securely.
+* (TEMPLOCK) Yuck MUST support locking an account temporarily, if it
+ is the target of too many failures. This is to avoid an attacker
+ from brute-forcing a password by trying many times.
+* (TEMPLOCKNOTIFY) Yuck MUST notify an account owner of temporary
+ locking, out of band.
# Architecture: the ecosystem
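
Review bot: TEMPLOCK leaves "too many failures" and "temporarily" undefined, so the requirement cannot be tested as written and says nothing about an attacker deliberately triggering the lock to keep the real owner out. Suggest stating a failure count, a time window and a lock duration (or that they are configurable), and whether failures are counted per account or per source. The rationale sentence would read better as "This is to prevent an attacker from brute-forcing a password by trying many times." In PWRESET, the word "securely" carries the whole requirement; say what it means here, for example that a reset must be authorised by something other than the password being replaced. TEMPLOCKNOTIFY needs an out-of-band contact for the account owner, which is personal information, so it should be reconciled with PRIVACYSTORE just above by noting that this contact detail counts as needed.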