Last modified: 2012-12-30 22:03:21 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T42050, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 40050 - Allow password reset requests to be handled centrally for unified users
Status: NEW
Product: MediaWiki extensions
Classification: Unclassified
Component: CentralAuth
Version: unspecified
Hardware: All All
Importance: Normal normal
Target Milestone: ---
Assigned To: Nobody
Reported: 2012-09-06 11:24 UTC by Akshay Agarwal
Modified: 2012-12-30 22:03 UTC

Description Akshay Agarwal 2012-09-06 11:24:53 UTC
For unified users, password reset requests don't work on wikis where the user has not visited before. This is because a local account for that user has not been created in that wiki. So, after trying to reset password on that wiki, we get an error "The username '$username' is not registered on this wiki, but it does exist in the unified login system". Even if I wanted to create a new account on this current wiki, I won't be allowed to do so citing that my desired username is very similar to / same as the existing one. As a user, now I need to remember which wiki I had created that account on or any other wiki which I have visited before (as a logged-in user) and then try to reset the password there.

As Dantman suggested, we cannot allow creating local accounts on wikis where the user has not visited before because you could abuse that to force MW to create local users on wikis that a user will never go to. It could be used both as a form of user harassment and as a way to spam the RC even when blocked.

A better approach would be to improve CentralAuth to allow resetting all passwords centrally for unified users. 

Should this approach be approved & if it requires significant efforts, I would be interested in making these changes after I am done with SignupAPI.
