search

credential-handler / authn.io

Credential Mediator Polyfill
https://github.com/w3c-ccg/credential-handler-api
Other
44 stars 8 forks source link

Add a passphrase confirmation field on registration #20

Closed dlongley closed 9 years ago

dlongley commented 9 years ago

Since the passphrase is intended to be long (for security) and since it has greater significance than just a single account on a particular service (rather it is used to remember a DID used for federated login), we should require a confirmation field to ensure people don't make simple mistakes and get frustrated later when their passphrase doesn't work.

erickorb commented 9 years ago

Thanks!

Mr. Fat Fingers

"Trust only credentials that are TrueCredverified."

Eric Korb, President/CEO - accreditrust.com https://www.accreditrust.com GoogleVoice: 908-248-4252 http://www.linkedin.com/in/erickorb @erickorb @accreditrust

On Fri, Sep 11, 2015 at 1:28 PM, Dave Longley notifications@github.com wrote:

Since the passphrase is intended to be long (for security) and since it has greater significance than just a single account on a particular service (rather it is used to remember a DID used for federated login), we should require a confirmation field to ensure people don't make simple mistakes and get frustrated later when their passphrase doesn't work.

— Reply to this email directly or view it on GitHub https://github.com/digitalbazaar/authorization.io/issues/20.

mattcollier commented 9 years ago

This issue was intended from bedrock-idp and was addressed with: https://github.com/digitalbazaar/bedrock-idp/commit/9bed4acad4463c3bbe6124b55cc8a9b5284cb117