A couple of questions about ASP.Net Core default implementation for login security
By default, ASP.Net Core configures the login exercise with a couple of things that seem strange to me. I’d like someone who knows more about infosec than I to comment on these please.
First, it sends an email to a user upon registration …