mitro-co / mitro

Repository for all Mitro client & server code
GNU General Public License v3.0

Allow the user to reset/change the master password #63

Closed tyilo closed 10 years ago

tyilo commented 10 years ago

I have forgotten my Mitro password, however I'm logged in in one of my browsers, so I can just export the secrets as CSV. If I would like to continue to use Mitro I would have to create a new account with another email address.

Would it be possible to reset your account (delete all secrets + change master password) so that I can continue to use Mitro?

tyilo commented 10 years ago

Alternatively, would it be possible to recover my master password from my logged in browser (maybe by running some code in the background page)?

fredericmohr commented 10 years ago

I'm not an expert on this and I'm not one of the developers, but I'm pretty sure you can't get your password back as this would be a major security issue for this kind of application.

There are two possibilities that I can think of.

  1. Ask the devs to delete your account completely so you can create a new one with your original email address
  2. If you can get hold of the encrypted secrets and have the unencrypted one, maybe there is a way to get back to your encryption password. You would need to know the exact way it was encrypted, which you can find since it's all open source now, but it'll still be a lot of work. And I'm not even sure that it'll work - just a thought!

Anyway, you'd have to convince the devs at mitro to either hand out your encrypted data or to delete your account. For this they would have to be 100% sure that it's really, without any doubt, your account.

Good luck!

evanj commented 10 years ago

Yes, this is correct:

  1. We can delete your account if you email support@mitro.co
  2. If you are still logged in, you can reset your password at:

chrome-extension://iljkkpbfidmehafdbcacnhcaipdgbeij/html/change-password-special.html

Hope that helps!

tyilo commented 10 years ago

Thanks

tyilo commented 10 years ago

I tried changing my password but got the error Error changing password: (1mkqfcm).

fredericmohr commented 10 years ago

Isn't being able to change the pw kind of a security issue? It would be better if mitro would ask for reauthentication before allowing the password to be changed (since it re-encrypts all the things...)

evanj commented 10 years ago

Possibly, which is why this is currently hidden. However, since a logged in client will allow you to share passwords with anyone, it seems to us that it is roughly equivalent to:

People forgetting passwords are the most frequent support issue, which is why we made it possible to reset passwords if you are still logged in somewhere. Changing your password from a logged in device will reset your key, so it will log you out on other devices.

Arduinology commented 10 years ago

I really liked this feature being available. I think what would make it more secure would be if you had to click "Forgot my password" and then a verification link from your email.

The use case for this is limited. For this to prevent a person from resetting your password maliciously they would have to have access to your system that is logged into Mitro but not logged into your email and Mitro would have to not be storing your password for your email. This is the setup that I use personally but I doubt many people take it to this level.

Another solution would be to have an SMS based solution where the malicious party would need to have access to your texts, and thus your phone, to reset the password. This would be the base solution as it is two-factor and relies on a device that most people always have with them. Is this cost prohibitive since Mitro is free? If so, would there be any community interest in building an iOS and Android app for handling two factor? Is there an API for two factor authentication that has a free version available for open source projects? I couldn't find one.

fredericmohr commented 10 years ago

There is an API for Google Authenticator. Correct me if I'm wrong but I think it's free to use https://code.google.com/p/google-authenticator/

However, since this function could potentially pose a security risk under certain circumstances (e.g. a logged-in user gets attacked via XSS, etc.) there should be an option to enable reauthentication if such critical features as "share secret" or "change password", etc. are invoked.

That would give users the choice whether they prefer more security over less risk to lose everything.

vijayp commented 9 years ago

Hi,

You can just create a new account at tim+1@repositive.io and everything will just work ok. This project is mostly in maintenance mode, so it will sometimes take a while for us to deal with such requests.

Vijay

On Thursday, March 5, 2015, Tim Richardson notifications@github.com wrote:

Hi could you please delete my account? I forgot my password, I have tried emailing a couple of times with no response. I would really appreciate this as I want to use Mitro for my work but I forgot my password.

My email is tim@repositive.io

many thanks for all your hard work, this is a great application you have created.


jhorbulyk commented 9 years ago

So a couple of questions/observations:

1) Is support@mitro.co still monitored for account reset requests since Mitro's transition to an open source project?

2) Not all email servers route emails for email+1@example.com to email@example.com so @vijayp's workaround won't always work.

3) Is the link supplied by @evanj still a supported feature? I get an error when I try to use it: Error changing password: (csq908)

jhorbulyk commented 9 years ago

^ To address my point above: The reset link mentioned above by @evanj and in my earlier comment (item 3) (chrome-extension://iljkkpbfidmehafdbcacnhcaipdgbeij/html/change-password-special.html) will work, however you have to turn off two stage authentication to use it.

winstonhong commented 9 years ago

Hello jhorbulyk.

Currently the two stage authentication module does NOT work reliably.

See Issue #107.