in reply to Re: User Editor Page and clear text passwords
in thread User Editor Page and clear text passwords

I was going to say that there should be three fields: old password and new password twice. That way stealing a cookie wouldn't allow you to change the victim's password (without an additional cracking step).

However, I don't want to increase administrative requests because of people who have forgotten their password but still have a cookie.

Perhaps we could do that after we add a 'password reminder' question and answer for each user...

But I think the change to special-case empty password fields (and to not pre-fill those fields) would be a pretty simple change.

- tye

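The three-field change form tye describes above (old password plus the new password twice, with empty fields meaning "leave it alone" and nothing pre-filled), written out as an added example. This is not code from the original thread or from the site the posts discuss; the in-memory user store, the PBKDF2 hashing and the function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

# Constructed in-memory user store for the example (hypothetical; the real
# site's storage is not shown in the thread).  Maps name -> {"salt", "hash"}.
USERS = {}

PBKDF2_ROUNDS = 200_000


def hash_password(password, salt=None):
    """Return (salt, digest) for a password; a fresh random salt if none given."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password, salt, digest):
    """Constant-time check of a candidate password against a stored salt/hash."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, digest)


def create_user(name, password):
    salt, digest = hash_password(password)
    USERS[name] = {"salt": salt, "hash": digest}


def render_password_fields():
    """Form fragment for the user editor: no value= attribute on any field,
    so the current password is never sent back to the browser."""
    return (
        '<input type="password" name="old_password">\n'
        '<input type="password" name="new_password">\n'
        '<input type="password" name="new_password_again">'
    )


def change_password(session_user, old, new1, new2):
    """Handle the submitted user-editor form.

    session_user comes from the login cookie.  A stolen cookie alone is not
    enough to set a new password: the caller must also know the old one.
    Returns (ok, message).
    """
    user = USERS[session_user]

    # Special case from the thread: both new-password fields left blank means
    # the user did not intend to change the password.  Accept silently and
    # do not require the old password for a no-op.
    if not new1 and not new2:
        return True, "password unchanged"

    # Cheap checks first, before the (deliberately slow) hash.
    if new1 != new2:
        return False, "new passwords do not match"

    # The old password is the thing a cookie thief does not have.
    if not verify_password(old, user["salt"], user["hash"]):
        return False, "old password incorrect"

    user["salt"], user["hash"] = hash_password(new1)
    return True, "password changed"


if __name__ == "__main__":
    create_user("alice", "correct horse battery")
    # Attacker with alice's cookie but not her password:
    print(change_password("alice", "guess", "pwned", "pwned"))
    # Alice herself:
    print(change_password("alice", "correct horse battery", "new one", "new one"))
```

The handler is ordered so that the expensive PBKDF2 check runs only after the free checks pass, and the "both fields empty" branch is taken before anything else so a user who merely saved other profile settings is not asked for a password they may have forgotten.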

Re^3: User Editor Page and clear text passwords (feedback)
by bart (Canon) on Feb 17, 2004 at 14:56 UTC
    I was going to say that there should be three fields: old password and new password twice. That way stealing a cookie wouldn't allow you to change the victim's password (without an additional cracking step).
    You could tackle that the other way around. You do have everybody's email address from the time when they requested a user account, don't you? Granted, it's possible that address is no longer valid, but that aside...

    What I'm thinking of, is to send a mail to this address whenever the password is changed, with the new password. That way, the original author can always steal his own account back.