PerlMonks
Re: Requiring old password in order to change your password

by Xilman (Friar)
on Dec 30, 2010 at 22:48 UTC (#879876)


in reply to Requiring old password in order to change your password

Sounds good to me, and I'm looking forward to the temporary URL solution.

Last year I ran into a problem where not only had I forgotten my password, the on-file email address had evaporated five years previously. I wanted to register for a conference in a series for which I had previously been sponsored by my then employer. Fortunately, the conference organizers had kept my previous registration details and I was able to provide them with enough information that they could check my identity to their satisfaction. The traditional way of doing that, of course, is to provide a secondary key to the account, triggered by the asking of a subsidiary question. The question and its answer are kept on-file by the supplier of the account. Will this mechanism be used here, or are you planning some other solution to guard against email address expiry?

Paul

(Minor edits to fix a spelling mistak and remove a superfluous word word)
Re^2: Requiring old password in order to change your password
by tye (Sage) on Jan 02, 2011 at 05:21 UTC

    I wasn't planning on implementing the annoying multiple "What was the mascot of the first car where your favorite pet's maiden name's favorite sport first met their favorite superhero?" questions.

    This is a programming site so we may be able to go with some more high-tech solutions. For example, let you paste a public key to store in your account so you can save your private key whatever places you like with as strong or weak of a pass-phrase as you like and get access to change your password by correctly signing a random challenge message. Though, I'm disappointed at how non-obvious it is which commands to use to sign a message with a private key. So that might not be viable enough, sadly.[1]

    [1] I'd love to set up a virtual machine with sshd running on it. The "I forgot my password" page would prep the machine for your account and give you its current IP address and port number. Just log in to that machine with your user_id as login name using your private key and you'd be prompted to enter your new password. When it comes to things that you can do with a private key, using ssh seems the most widely and easily accessible. :)

    I'd also really like to be able to have two e-mails. I've many times experienced losing access to an e-mail account suddenly and unexpectedly (changing jobs is the most common example but I've also had my private e-mail service provider just go out of business suddenly and unexpectedly) or just didn't realize that I was using that old e-mail address. Having a second e-mail address registered greatly reduces the risk of me ending up with no accessible e-mail address when I realize that I need it.

    There are two competing concerns about these backups to your account password: 1) Making it possible to get back into your account despite you having forgotten your password (the "experts" tell you to not write it down, after all) and having lost access to other items (and not requiring human administrator intervention), 2) Keeping it hard for somebody to steal your account from you and also possible for you to steal it back.

    For example, (2) inspired somebody to suggest that you should be required to enter your (old) password to be able to change your e-mail address. But I think that thwarts a too-common case of (1) (at least for now). Instead, I'd like changing the e-mail to trigger an e-mail to the old address that includes a URL that can be used to regain control of the account for a limited span of time. But that presents a problem after somebody has hijacked your account and changed the e-mail address when you try to regain control and change the e-mail back.

    - tye
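The "paste a public key, then prove you hold the private key by signing a random challenge" recovery scheme tye sketches above, written out as an added Go example (not PerlMonks code and not tye's own). It assumes Ed25519 keys, a hypothetical Account record as the site's on-file data, and a 10-minute answer window; the challenge is consumed on every attempt so a captured signature cannot be replayed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"time"
)

// Account is what the site keeps on file (assumed layout): the pasted
// public key plus at most one outstanding recovery challenge.
type Account struct {
	UserID    string
	PubKey    ed25519.PublicKey
	challenge []byte
	issuedAt  time.Time
}

const ChallengeTTL = 10 * time.Minute // assumed window for answering

// IssueChallenge mints a fresh random challenge. The user id and issue
// time are part of the signed bytes, so a signature made for one account
// or one attempt cannot be reused for another.
func (a *Account) IssueChallenge() ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	a.issuedAt = time.Now()
	a.challenge = []byte(fmt.Sprintf("pm-reset|%s|%d|%x", a.UserID, a.issuedAt.Unix(), nonce))
	return a.challenge, nil
}

// VerifyResponse is true only if the stored key signed the outstanding,
// unexpired challenge. The challenge is cleared on every call, valid or
// not, so each one can be answered exactly once.
func (a *Account) VerifyResponse(sig []byte) bool {
	ch := a.challenge
	a.challenge = nil
	fresh := ch != nil && time.Since(a.issuedAt) <= ChallengeTTL
	return fresh && ed25519.Verify(a.PubKey, ch, sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	acct := &Account{UserID: "xilman", PubKey: pub}
	ch, _ := acct.IssueChallenge()
	sig := ed25519.Sign(priv, ch) // user side, with the off-site private key
	fmt.Println("password change allowed:", acct.VerifyResponse(sig))
}
```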

      It might also help if the gods issued official policies and recommendations about how they would treat accounts with lost passwords. So far, we only have evidence from individual cases instead of general statements in the FAQ.

      I wasn't planning on implementing the annoying multiple "What was the mascot of the first car where your favorite pet's maiden name's favorite sport first met their favorite superhero?" questions.

      I wasn't suggesting you should. My suggestion is that you keep two other items on file: a string chosen by the user which is displayed on the account recovery page and another string which is compared against what the user enters after the first string is displayed. The first string would most likely be a question but need not be. If I want my question to be "What is your mother's maiden name?" then it's my choice to have a response which is probably easily guessable. If my first statement is "The universe is" and the expected response is "purely 42itous" then, again, it's my choice to have something which I may be unlikely to remember five years later. It makes no difference to you whether either or both strings are meaningful and/or relevant; all you have to do is display one and check the other.

      I hope this clarifies my proposal.
