Details
-
Bug
-
Resolution: Fixed
-
Medium
Description
Basically prompt the user to re-enter their password for destructive events, like deleting a repo.
Hi,
I logged a few days ago on bitbucket, on my computer, using openid. Today I was able to delete permanently a repository without proving my identity. Maybe you could add a password check in this case ?
Regards,