Re: Email security for monks?

I understand the point you're making, but there is a problem that is difficult to circumvent here. First, we like to give people the ability to receive an email reminder when they forget their account password. Second, we like to let people update their info when they change email accounts.

How do we go about satisfying both criteria, while making it impossible, for someone who has gained unauthorized access to a PM account, to update the email address and password? We can strengthen password security by forcing password aging, trickier passwords, and other such strategies (each of which make the site more difficult to use, and introduce the potential for increased user error), but ultimately, if we want to let people update their own user info, I don't see how we could prevent anyone who gains access to the account from doing the same.

Hiding email info from a user won't prevent that user from updating his email address. And if he can update his email address, so can anyone else who knows his password.

Protect your passwords, and if you should happen to believe your account has been comprimised, pray to the gods that they might help you get it sorted out. At least we have some nice people here who may help out.

Dave

Comment on Re: Email security for monks?

Replies are listed 'Best First'.
Re^2: Email security for monks? by tye (Sage) on Oct 04, 2004 at 03:35 UTC
The proposal was to not allow you to change your e-mail address unless you can enter your old (current) e-mail correctly; making your e-mail address a bit like a second password. A problem with this is that it needs to address the unlikely situation of someone not remembering what their old e-mail address was. Or, more likely, when someone enters their e-mail address incorrectly and doesn't notice and so can never change their e-mail address again. This is the same reason why I haven't made it so you have to enter your old password in order to change your password. Perhaps you should be required to enter at least two of your password, e-mail address, and "real name" in order to be able to change (or see) any of them? And it'd be nice if we had a solution for the "I forgot my password and I no longer have that e-mail address" problem. At least we no longer output the password in the HTML when you edit your home node. - tye	[reply]
Re^3: Email security for monks? by jepri (Parson) on Oct 04, 2004 at 14:36 UTC
I would like to see an option for users to upload their public PGP/GPG key. It's the sort of situation that public key crypto was designed for - I can give every site my public key, and it can't be 'stolen'. Fair enough that moves the problem from "I forgot my password" to "I lost my private key", but people tend to take more care of their private key. (I'm sure you know this, I'm just going for a bit of an expository ramble here :) e.g. I really wish I had of uploaded my public key to perlmonk.org since I've changed my password and forgot to note it down in my top secret "net passwords" file. Now I've gotta do exactly what the top poster said - convince jcwren that I'm not some yahoo trying to hijack an account. And as for the forgetting the email address problem - it does happen. I've been on the web long enough that I have accounts on servers where the email address is now invalid due to me moving ISPs - perlmonks is one of those (I'd better go fix it now). ___________________ Jeremy I didn't believe in evil until I dated it.	[reply]
Re^4: Email security for monks? by opqdonut (Acolyte) on Oct 05, 2004 at 19:04 UTC
What a good idea! I wonder if asymmetric key authentication could be implemented on perlmonks and other sites like slashdot so I wouldn't have to care about passwords. I've always thought that rsa (or PGP) key authentication is the way to go, passwords are such a bother :) J	[reply]