Ideas for Arc XP

Home| Documentation| Support|

CAPTCHA Support for Password Reset API

Currently the password reset API only requires a username and does not support CAPTCHAs. Without CAPTCHA support it's fairly easy for a malicious party to spam legitimate users with password reset emails. I propose CAPTCHA support for password reset just like there's one for magic links and registrations.

  • Stan Borbat
  • Jul 29 2024
  • Future consideration
  • Attach files
      Drop here to upload
    • Guest commented
      October 10, 2024 09:17

      Hi (Ali),

      We hereby sincerely invite you and your company to visit our booth during electronica 2024.

      C5.248

      Trade Fair Center Messe Munchen

      (10:00 - 11:00, November 13th, 2024)

    • Admin
      Jessica Cavallo commented
      September 11, 2024 00:36

      Thank you for submitting this idea. I agree it would be good to protect the password reset flows with reCAPTCHA and we will consider adding this.

    • Guest commented
      July 30, 2024 07:44

      We are being spammed by bots requesting 300+ password resets on a brand new bot created accounts. 4 million+ password resets this year so far, and all are calling the Arc services directly which are not protected.