Update password reset email text

[amplifi]

Our password reset email template reads:

You're receiving this email because you or someone else has requested a password for your user account at Cadasta Platform.

It can be safely ignored if you did not request a password reset. Click the link below to reset your password.

<link>

In case you forgot, your username is <username>.

Thank you for using Cadasta Platform!

For security purposes, we should advise users to immediately report password reset emails they didn't request; these are not safe to ignore. We should also avoid sending the username in the same email as the password reset, as this gives anyone with the email the ability to access the user account with no additional information required. Ideally, our password reset process wouldn't confirm or deny the existence of a user account for a given email address. Please see this link for password reset (and other transactional) email best practices.

[aklife97]

Hi,
Can you please clarify how do you intend to

advice users to immediately report password reset emails

Should this be as another link provided in the mail?
If yes, what should happen if the user reports the reset email?

[oliverroick]

@aklife97 Users should send an email to security (at) cadasta to let us know what happened

[jack17529]

@oliverroick assign this to me and send me the link to code.

[oliverroick]

@jack17529 during the application process for GSoC we don't assign issues to anyone. It is okay to have more than one pull request for the same issue, we will still consider it as part of your application.

[jack17529]

@oliverroick sorry sir ,I read it then forgot.
But sir can we ask in comments section that anybody is working on this issue?