If a legitimate user (Cooperator or Ordinary Member) has his/her computer / mobile phone stolen, with the Pseudonym + Password to access the AlirPunkto platform and the access to his/her e-mail account stored on it, the person having stolen the device has the capacity to totally usurpate the identity of the user, by changing the password to access AlirPunkto and changing the contact e-mail addres (or by changing the password to the e-mail account). The user has no means to recover the connection to the AlirPunkto platform.
Desired state
I propose that the user be provided with an "Identity Recovery Code", i.e. a character string long enough to provide a very high number of combinations - and yet short enough to be copied reliably by hand.
In the long term, this "Identity Recovery Code" would be provided to the legitimate user at the end of his/her registration with clear instructions to keep it secret - and not on his/her device. Thereby, if the legitimate user has lost the connection to his/her account as described above, s/he would use that "Identity Recovery Code" to prove that s/he is the legitimate user and access the AlirPunkto platform to then change his/her password and e-mail address safely. This development is not an immediate priority, and should hence be started only later.
In the short term however, I propose that the LDAP contains an additional field called identityRecoveryCode and containing a string of 64 characters.
Current state
If a legitimate user (Cooperator or Ordinary Member) has his/her computer / mobile phone stolen, with the Pseudonym + Password to access the AlirPunkto platform and the access to his/her e-mail account stored on it, the person having stolen the device has the capacity to totally usurpate the identity of the user, by changing the password to access AlirPunkto and changing the contact e-mail addres (or by changing the password to the e-mail account). The user has no means to recover the connection to the AlirPunkto platform.
Desired state
I propose that the user be provided with an "Identity Recovery Code", i.e. a character string long enough to provide a very high number of combinations - and yet short enough to be copied reliably by hand.
In the long term, this "Identity Recovery Code" would be provided to the legitimate user at the end of his/her registration with clear instructions to keep it secret - and not on his/her device. Thereby, if the legitimate user has lost the connection to his/her account as described above, s/he would use that "Identity Recovery Code" to prove that s/he is the legitimate user and access the AlirPunkto platform to then change his/her password and e-mail address safely. This development is not an immediate priority, and should hence be started only later.
In the short term however, I propose that the LDAP contains an additional field called
identityRecoveryCodeand containing a string of 64 characters.