News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

Help, I'm locked out of my SMF account!

Started by SethStudent, May 21, 2015, 12:02:53 PM

Previous topic - Next topic

debiwebi

Quote from: Kindred on June 25, 2015, 06:49:33 AM
I mean, when I have time, in a eek or so, I will delete the new/duplicate account and merge the posts to your debiwebi account :)

Well, if you must... and don't think it will mess up the "paper trail" for members that end up doing what I did.

Talking about keys: I'm actually missing a couple that my parrot chewed off, so I really have to plan what I'm going to type ahead of time, lol. Thanks again.
Some mornings it just isn't worth
chewing through the leather straps.
~Emo

Unlimited Own Posts Editing Time

debiwebi

Hey Kindred, I've been thinking about your comment about deleting my other account. Is that really necessary? Forum protocol? Merging my other messages into this account will make nonsense out of much of the content, if anyone ever runs into the same problem I did and ends up reading the post progression. So if it's not standard procedure, I'd really appreciate your leaving my accounts "as is/are."

Also, I've been thinking about the "Require reactivation after email change" setting and it doesn't make a lot of sense to me. At first I just accepted it as a security feature, but then realized that if someone other than the account owner were to hack into an account and change the email address, the hacker would receive the reactivation email and be able to reactivate the account anyway, unbeknownst to the account owner. The same procedure is not used for changing passwords? Hacking consequences would be even worse in that case. If the purpose is simply to confirm that the new email address is valid, I'm not sure that's even necessary since a member will question their email address as soon as they realize they are not getting emails from subscribed topics. Which is what started this whole issue for me.

Commercial web sites send a courtesy email to the account owner, at their original email address, alerting them to the fact that an account change has been made (email, password, whatever), a response being needed only if the owner did not initiate the change. It's more of a CYA for the web site, since they could potentially be sending the email to a now-invalid email address.

Anyway, am I not "getting" the purpose of the email change reactivation?  I've turned it off on my forum so none of my members end up locked out because they screwed up their email address (like I did) or their email or ISP filters out the reactivation email at a level not accessible by the member (I had someone complain about Hotmail doing this).

My two cents. 100% more than a penny for thoughts, lol.

Some mornings it just isn't worth
chewing through the leather straps.
~Emo

Unlimited Own Posts Editing Time

LiroyvH

Yeah we try to minimize clone accounts.

Quote
Also, I've been thinking about the "Require reactivation after email change" setting and it doesn't make a lot of sense to me. At first I just accepted it as a security feature, but then realized that if someone other than the account owner were to hack into an account and change the email address, the hacker would receive the reactivation email and be able to reactivate the account anyway, unbeknownst to the account owner.

Well yeah, but if they hacked in to that anyway; does that really matter?

Quote
If the purpose is simply to confirm that the new email address is valid, I'm not sure that's even necessary since a member will question their email address as soon as they realize they are not getting emails from subscribed topics.

We want it to be valid for a variety of reasons. Amongst which are to ensure people don't change it to that of someone else. And ensure it's correct for resets/notifications. Multiple advantages to it for us.

So, ensure to type it correctly. ;)
((U + C + I)x(10 − S)) / 20xAx1 / (1 − sin(F / 10))
President/CEO of Simple Machines - Server Manager
Please do not PM for support - anything else is usually OK.

debiwebi

Quote from: CoreISP on June 29, 2015, 03:17:11 AM
Yeah we try to minimize clone accounts.

So, ensure to type it correctly. ;)

I wonder how many clone accounts there are because of this setting. I'm pretty sure I'm not the only person who can't type, lol. Thanks, Core ISP.  :)
Some mornings it just isn't worth
chewing through the leather straps.
~Emo

Unlimited Own Posts Editing Time

Advertisement: