search

supertuxkart / stk-addons

SuperTuxKart Addons Website
Other
37 stars 28 forks source link

Username recovery #89

Open auriamg opened 6 years ago

auriamg commented 6 years ago

Some users may forget their username, so username recovery based on their email would be a welcome feature

qwertychouskie commented 6 years ago

Maybe just change the password recovery to only require their username or email, not both. Some users also may forget which of their emails they used when making the account, but still know their username, so this would benefit them too.

auriamg commented 5 years ago

@leyyin I would like to remove the "Minor" label you added as this is generating quite a fair amount of support requests that we need to handle manually

vampy commented 5 years ago

Ok, I'll see what I can do about this.

snowfall-sc commented 5 years ago

My User name totally forget please help.

ringo32 commented 5 years ago

cannot make a new login or finding my old login :)

grantcarthew commented 5 years ago

Same here. Kids username has been forgotten. Can't register a new name because the email already exists. Seems a little silly requiring both a username and a password.

deveee commented 5 years ago

@grantcarthew If user name doesn't matter, then you can just use something like https://10minutemail.net/

grantcarthew commented 5 years ago

Hi @deveee and thanks for the comment. This is not what this issue is about. If I wanted to create an account I could.

No website anywhere asks for your username AND email address to reset. If the usernames have to be unique, then you only need one of the identity items. If the usernames do not need to be unique, then you only need the email address to reset.

Whilst on this topic, it is a security breach to inform the person who is resetting the account that the username/email combination failed. A "reset submitted successfully" message is all that should be displayed. By letting the user know that they got something wrong you enable brute force attacks.

I'm running Debian unstable and update often. This issue is going to get bigger quickly. You are seeing the early adopters right now.

deveee commented 5 years ago

I understand the problem, it was just a quick workaround.

dmccollough1 commented 11 months ago

Sad that here at the tail end of 2023 that this is still open and unresolved. :( (and yes, if I knew how to fix this issue, I'd gladly contribute code to do so)

JusPLP commented 3 months ago

are there any plans?