for anyone stuck on getting user, the OWASP methodology link for discovering potential bad practices when admins/devs create a new account that @th3y posted is a great hint
for anyone stuck on getting user, the OWASP methodology link for discovering potential bad practices when admins/devs create a new account that @th3y posted is a great hint