Answer the question
In order to leave comments, you need to log in
D
D
DrunkMaster2016-09-15 14:47:04
DrunkMaster, 2016-09-15 14:47:04
Should the user be given the right to change mail?
The site has only classic registration and entry through VK (there are no telephones, sms, etc.).
Question: does it make sense to give users the right to change their email address, for example, if they log in through VK and enter the left mail just to get behind them. Wouldn't this lead to a security hole for legitimate users? And how to change the mail if the user does not have access to the old one?
1 answer(s)
@DrunkMaster
Giving the right is worth it, but through support and ONLY ONCE! It is also worth informing the user about this in advance.
This task depends on the type of activity of the company. For example, I have more than 7 personal email addresses + corporate email addresses.
No, not right. To change mail, you need to develop an additional "layer" of security. For example, the user must enter one of the old passwords (store a hash table), or answer a few questions. Or a secret phrase, a word...
M
Maxim Babichev, 2016-09-16 @DrunkMaster
Question: does it make sense to give users the right to change their email address, for example, if they log in through VK and enter the left mail just to get behind them. Wouldn't this lead to a security hole for legitimate users?
Giving the right is worth it, but through support and ONLY ONCE! It is also worth informing the user about this in advance.
This task depends on the type of activity of the company. For example, I have more than 7 personal email addresses + corporate email addresses.
No, not right. To change mail, you need to develop an additional "layer" of security. For example, the user must enter one of the old passwords (store a hash table), or answer a few questions. Or a secret phrase, a word...
Similar questions
A
W
A
B
I
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question