add brute force protection to password reset to make it harder to guess user logins

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-19 09:51:44 +01:00 · 2017-01-19 09:51:44 +01:00 · 927d3865a0
parent 2cfedb3623
commit 927d3865a0
1 changed files with 1 additions and 0 deletions
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@ -202,6 +202,7 @@ class LostController extends Controller {

 	/**
 	 * @PublicPage
+	 * @BruteForceProtection passwordResetEmail
 	 *
 	 * @param string $user
 	 * @return array