Subject:
|
Re: Getting a password reset?
|
Newsgroups:
|
lugnet.admin.general
|
Date:
|
Sun, 23 Jul 2000 02:39:21 GMT
|
Viewed:
|
290 times
|
| |
|
|
Larry Pieniazek <lpieniazek@mercator.com> wrote in article
<Fy20EC.6GJ@lugnet.com>...
> In lugnet.admin.general, Geoffrey Hyde writes:
> > Sounds like maybe you should automate it, and have a script-driven • requester
> > that takes the address of the user and then automatically sends the • password
> > to the registered address of the person. The same way a lot of websites
> > handle forgotten passwords ...
>
> There are, I think, two gotchas with this plan
>
> 1. There isn't really a concept of a "registered" email address, per se, • that
> is associated with a user. A user can have multiple addresses. For • instance, I
> have 3 listed on my member page: • http://www.lugnet.com/people/members/?m=5
> and I have a number of different cookies in force on various machines as
well.
But if I can get set up as a 'registered' user of Lugnet, then why can't I
set up a 'registered' email address to which I authorize any
'administrative' emails to be sent?
> 2. While e mailing your password to you in cleartext is good enough for
> ecommerce sites, and even banks and credit card companies, it's not • secure
> enough to conform to the security standards in place here at Lugnet(tm). • At
> least not as I understand them. Todd has expounded on why that is.
I've read about the security, but can't say that I understand the need for
CIA level counter measures being applied to a discussion oriented web site.
> You may not
> agree with the reasoning but it's his site and security is more important • to
> him than convenience.
You are right Larry. That is the bottom line.
But, as the old adage goes, "Just because something is possible, doesn't
mean you should do it."
As mentioned in another post, I will simply continue to search out the
original password, as this seems to be more convenient.
Regards,
Allan
|
|
Message has 2 Replies:
 | | Re: Getting a password reset?
|
| (...) Well, I think that you find turning your house upside down "more convenient" rather telling. Todd and I have had disagreements about this in the past. Leave it at that. One piece of advice, once you do get your password reset or once you find (...) (24 years ago, 23-Jul-00, to lugnet.admin.general)
|
Message is in Reply To:
| | Re: Getting a password reset?
|
| (...) There are, I think, two gotchas with this plan 1. There isn't really a concept of a "registered" email address, per se, that is associated with a user. A user can have multiple addresses. For instance, I have 3 listed on my member page: (URL) (...) (24 years ago, 21-Jul-00, to lugnet.admin.general)
|
19 Messages in This Thread:
  
 
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|
