#15 Unique Key Generation on user Registration for password reset

Closed
opened 3 years ago by Uncled1023 · 3 comments

This key would allow a user to generate a password reset, without giving any personal information (phone, secondary email, etc).

This key would allow a user to generate a password reset, without giving any personal information (phone, secondary email, etc).
Uncled1023 commented 3 years ago
Owner

This has changed slightly with the addition of the ability for a user to add a PGP Public Key to their account. If that key is present, the server will use it to encrypt a temp token, and then the user would have to decrypt it using their private key and enter the token to reset their password.

This has changed slightly with the addition of the ability for a user to add a PGP Public Key to their account. If that key is present, the server will use it to encrypt a temp token, and then the user would have to decrypt it using their private key and enter the token to reset their password.
Uncled1023 commented 2 years ago
Owner

User’s can now have recovery emails. Lower priority now.

User's can now have recovery emails. Lower priority now.
Uncled1023 commented 2 years ago
Owner

Users can now create authentication keys, so no real need. Closing until further notice.

Users can now create authentication keys, so no real need. Closing until further notice.
Sign in to join this conversation.
No Milestone
No Assignees
1 Participants
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Loading…
Cancel
Save
There is no content yet.