Other operator password reset with different operator's OTP
User can reset the password of other operators with the OTP received for a different operator.
For example, consider two operators, Operator A and Operator B.
Operator A can login with the updated password of Operator B using the OTP received for Operator A.
Steps to Reproduce
Consider two operators, Operator A and Operator B
- Click the Forgot Password link available on the login screen.
- Enter the email ID of Operator A ([email protected]_mail.com).
- Click the Reset Password button. System sends an OTP to Operator A's registered email ID.
- Click the Forgot Password link again.
- Enter the email ID of Operator B ([email protected]_mail.com).
- Enter the OTP received in the email for Operator A.
- Enter the new password and confirm. The system accepts the OTP entered. Operator A can login with the updated password of Operator B.
OperatorID was not included as the key for the referenceID for the OTP.