Is the error message 'Could not find user' when using Forgot Password' configurable?

if you put a bad email address into the Crucible "forgot password" - you get a message informing you that the email does not exist - "Could not find user". This is not security best practice as it lets the hacker know that the email is valid for use somewhere within the company network. Is this configurable to state "an email has been sent if we recognize the address" or similar?

1 answer

1 accepted

2 votes


Thanks for your question. Since v4.0 FishEye/Crucible is no longer exposing the information on whether the email exists or not. See the following JIRA ticket for the reference:


Best Regards,

Mikolaj Zyromski

FishEye/Crucible Team

Suggest an answer

Log in or Join to answer
Community showcase
Davin Studer
Published Thursday in Confluence

FUME – A Better Confluence User Macro Editor Experience

...\\.title', editorDiv: 'userMacroEditorDiv', isNew: function(){ return AJS.$('#user-macro-form').prop('name') == 'addusermacro' ? true : false; }, editor: null, isDirty...

45 views 0 4
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot