Avoid using the word 'password' in the APP_TOKEN_CREATED activity

Open julien-nc opened this issue 3 years ago • 1 comments

The activity message You created app password "{token}" can make some users freak out because they might think they produced something insecure to access their account.

What do you think?

Dec 19 '22 11:12 julien-nc

@artonge Thanks for the remark. I used "session" because app passwords are listed in the "Devices & sessions" block of the user security settings.

Dec 19 '22 12:12 julien-nc

@miaulalala As it's not a security fix but still something that makes some users feel their account is insecure, do we backport to 25?

Jan 02 '23 15:01 julien-nc

Doesn't this make it sound more technical and even scarier? Is there no standard for a way to call these things (I thought it was "app passwords")? :)

Jan 09 '23 09:01 jancborchardt