http://www.perlmonks.org?node_id=396253


in reply to Re^2: Email security for monks?
in thread Email security for monks?

I would like to see an option for users to upload their public PGP/GPG key. It's the sort of situation that public key crypto was designed for - I can give every site my public key, and it can't be 'stolen'.

Fair enough that moves the problem from "I forgot my password" to "I lost my private key", but people tend to take more care of their private key.

(I'm sure you know this, I'm just going for a bit of an expository ramble here :)

e.g. I really wish I had of uploaded my public key to perlmonk.org since I've changed my password and forgot to note it down in my top secret "net passwords" file. Now I've gotta do exactly what the top poster said - convince jcwren that I'm not some yahoo trying to hijack an account.

And as for the forgetting the email address problem - it does happen. I've been on the web long enough that I have accounts on servers where the email address is now invalid due to me moving ISPs - perlmonks is one of those (I'd better go fix it now).

___________________
Jeremy
I didn't believe in evil until I dated it.

Replies are listed 'Best First'.
Re^4: Email security for monks?
by opqdonut (Acolyte) on Oct 05, 2004 at 19:04 UTC

    What a good idea! I wonder if asymmetric key authentication could be implemented on perlmonks and other sites like slashdot so I wouldn't have to care about passwords.

    I've always thought that rsa (or PGP) key authentication is the way to go, passwords are such a bother :)


    J