Skip to content

coderd/userauth: log when an attempted password reset attempt fails #15154

New issue
New issue
Closed
Bug
#15267
Closed
coderd/userauth: log when an attempted password reset attempt fails#15154
Bug
#15267
Assignees
DanielleMaywood
Labels
bug riskProne to bugs
@johnstcn

Description

@johnstcn
johnstcn
opened on Oct 21, 2024

Relates to #14232

Motivation

A security team may wish to monitor attempts to reset user passwords.

Proposed Solution

We should drop some logs at ERROR or WARN when the following events occur:

  • A password reset request is submitted for a user account that does not exist
  • An invalid password reset request is submitted for a user account due to the one time code not matching

Metadata

Metadata

Assignees

Labels

bug riskProne to bugs

Type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions