Closed gustavonmartins closed 7 years ago
This type of problem is already predicted to happen 3 years ago, see issue https://github.com/oftc/oftc-ircservices/issues/1
(would like to close this issue and duplicate and continue discussion on the other bug, but I don't see a close button)
Duplicate of #1.
I have just requested /msg nickserv SENDPASS, and got an email with a command to paste in IRC in order to change my password, in the form of "/msg NickServ SENDPASS mynick small-number:big-number"
After this, the nickserv had some trouble to recognize me, but eventually it did. Unfortunately, I pasted and sent the message with the big number into the #oftc room because I though this command expires after being used, but to my surprise, people on the channel were able to change my password!
This is very disturbing and I hope I dont lose my nick.
Please, update the system so that this big number becomes invalid after one-time use. The code for this seems to be inside the file: oftc-ircservices/modules/nickserv.c