 | | A possible enhancement idea
|
|
One idea I had that may or may not be a good one is this: What about having subsequent authentication emails put multiple authentication numbers into the URL if other posts from the same user are awaiting authentication? This way it would be (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
|
| |
| | Enhancement for us web-posters
|
|
OK, it's not really NNTP, but I couldn't find anywhere better to ask. Todd, any chance us web-posters could get a cancel button? Like you know, if I wanna obliterate that post I didn't read before I hit the dreaded "Post" button? I was thinking (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
|
| |
| | OK maybe there's a plus to this authentication...
|
|
...it forces people to think at least a couple of seconds before they post - that's gotta be good! And Todd's even stuck a "let me think about it" button on the authentication page! Maybe it's not that bad after all! ROSCO (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: E-mail authentication during posting
|
|
(...) If you automate the reponse to the authentication e-mail, all I have to do is spoof your identity as Mad Hatter has done several times. Because the authentication gets sent to your email regardless of where I post from, and your response is (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
Brad you rasie some good points, my take is that if you are being Spoofed you might not know it untill it's too late and someone has either ruined your reputaion or you seem to be held in low regard when you post and you don't know why because some (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: E-mail authentication during posting
|
|
Hello Ross, hello everybody, (...) Can one of you set me straight: I assume the attacker has no access to my email account. How could he, then, automate an email reply I have to send in order to make my post valid? As for a minimum amount of (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) Maybe we should take this offline to dig in further on cracking but I see this as really hard to crack. If you have some ideas on how to crack it, I suggest you send them directly to Todd so he can see if there's some angle he overlooked. I (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) 8?) But life will be miserable if the earthquake hits with little or no warning. (...) So in other words, one annoying person has effectively forced many others to put up with an unnecessary (until now) inconvenience. I also use the web, and (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) It was hurricane season so a seawall was what was needed. If and when there is an earthquake likely that would be the time to do things to earthquake proof. (...) They should consider switching to the web mechanism or putting up with the (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) I hate to say it, but... me too. I was very happy to see Todd put the new security features in place. Obviously no change will please everyone, but I think some action had to be taken. Thanks, Todd! -Marc Nelson Jr. (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) Shiri, This *doesn't* solve the problem for people who don't have access to a browser to authenticate their posts. It also doesn't solve the problem of people who compose a bunch of posts off-line, then dial-up to send them. These people now (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
Well, It sounds like the problem was a lot more widespread than I thought. Perhaps these "bad" people weren't posting in groups I frequented. Anyhow, it sounds like the security stuff is here to stay and will probably get more intrusive rather than (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
Brad, Please note that most people here don't like to post "me too" posts. Usually the people who agree to what a post says will remain silent, while the objecting parties will be a lot more vocal. I think that a great number of people are (...) (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) But a seawall's not gonna help you against an earthquake... (...) ...if you use the web to post. Most of the people complaining use email or a newsreader to post, for which there's no way to "log on". ROSCO (23 years ago, 20-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) Until said clone (or someone else) finds another way around it. (...) I enjoyed my time on Lugnet even when the clone was having fun - I just ignored the posts (mostly). (...) I also use the web to post 99% of the time, but I'm still not (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
Amen to you Brad. I've just gotten onto LUGNET, and it's an absolute hassle to post because of the e-mail authentication. As to how anybody could like this is absolutely bizarre to me, it is time consuming and for the most part unecessary to 99% of (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: E-mail authentication during posting
|
|
I'm agreeing too.. This kind of authentication is bothering me.... ---> Less messages... "r2" <lego@r2eng.com> schrieb im Newsbeitrag news:GF5CCF.9vH@lugnet.com... (...) and (...) in (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) Likewise. I'm happy to see the authentication system implemented. It's been one of my longest-standing concerns about LUGNET's security, and frankly, I'm surprised we've gone as long as we have without it. (...) Yeah, that. I'm not sure what (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Re: Email Authentication - Why not make it optional?
|
|
(...) Well allow me to say that I am glad that Todd implemented this measure. Mostly because since it has been implemented, we have gotten rid of the annoying clone. And it will continue to help LUGNET remain a very nice friendly place that I (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
| |
| | Email Authentication - Why not make it optional?
|
|
This email authentication is driving me nuts! A lot of people were already timid about posting and now its going to be worse. Since this has happened, I've seen one reply of the nature "Great - I'm so happy you did this!" post and a huge number of (...) (23 years ago, 19-Jun-01, to lugnet.admin.nntp, lugnet.general)
|
