Remove password hint responses from API (#10523)

* Log reloading behavior * Remove hints from responses. changing password implies updating the hint, but no longer displays the old one. This is a security risk for shoulder surfing and breaks the escrow model we have where it is only shared via email when requested. * Update change password hint label
2025-12-10 13:23:34 +00:00 · 2024-08-23 10:51:42 -07:00
parent aa7c9685b6
commit c2829cd71b
7 changed files with 12 additions and 12 deletions
--- a/libs/common/src/auth/models/request/update-profile.request.ts
+++ b/libs/common/src/auth/models/request/update-profile.request.ts
@@ -1,10 +1,8 @@
 export class UpdateProfileRequest {
  name: string;
-  masterPasswordHint: string;
  culture = "en-US"; // deprecated

-  constructor(name: string, masterPasswordHint: string) {
+  constructor(name: string) {
    this.name = name;
-    this.masterPasswordHint = masterPasswordHint ? masterPasswordHint : null;
  }
 }
--- a/libs/common/src/models/response/profile.response.ts
+++ b/libs/common/src/models/response/profile.response.ts
@@ -10,7 +10,6 @@ export class ProfileResponse extends BaseResponse {
  name: string;
  email: string;
  emailVerified: boolean;
-  masterPasswordHint: string;
  premiumPersonally: boolean;
  premiumFromOrganization: boolean;
  culture: string;
@@ -32,7 +31,6 @@ export class ProfileResponse extends BaseResponse {
    this.name = this.getResponseProperty("Name");
    this.email = this.getResponseProperty("Email");
    this.emailVerified = this.getResponseProperty("EmailVerified");
-    this.masterPasswordHint = this.getResponseProperty("MasterPasswordHint");
    this.premiumPersonally = this.getResponseProperty("Premium");
    this.premiumFromOrganization = this.getResponseProperty("PremiumFromOrganization");
    this.culture = this.getResponseProperty("Culture");