25 Feb
2009
25 Feb
'09
1:01 p.m.
On Mon, Feb 23, 2009 at 1:05 PM, Guillaume Lerouge <guillaume(a)xwiki.com> wrote:
Indeed, showing the first 5 chars + domain name could
be ok, like :
guillaume(a)xwiki.com => guill...(a)xwiki.com
Or even limiting to the domain name, like: "your password has been sent to
your @xwiki.com email account".
WDYT?
Maybe that would be acceptable.
Usually, by all means of classic security measures in information
systems I ever read and heard, Emails should not be shown - as well as
a list of all users in a wiki whould not be shown unless users accept
explicitly to be listed.
A user who forgot on which Mail account he has registered should
either have to check all his 3 or 100 accounts, or he's lost anyway if
the mail account is already dumped, then he has to create a new wiki
login anyway.
Sure these things are more important in partly closed and private wiki
as I am going to use it for, and less for closed wikis, but xWiki is
an enterprise wiki, which is most often closed for many but a limited
amount of people.
Wikipedia is a total different environment - but for a wiki like this,
many people rather use mediawiki...
Henning