If you've lost your password, the problem is easily solved. Either drop me a U2U containing the name under which you posted and your current email address, or send me an email at toharmnone@yahoo.com giving me that information, and I'll have the system send you a new password. You can then change that password to whatever you like through your control panel when you log in.

If you've tried to reset your password and have met with no success, the problem is almost always that you're using a different email address than is listed on your profile. :)

Is there any verification that the person sending in the information is the person who is actually the correct person?

I mean, feasably I could send you an email with the posting name and my 'new' email address and now have effectively taken over another's PC account.

:?:

That is, certainly, a possibility. However, once a request has been sent, there are questions I can ask that would affirm whether or not the person requesting the password is, indeed, the original poster. ;)

I probably should clarify that there is no foolproof way to guarantee that the requestor is the original poster. Personally, I'd wonder why somebody would want to pretend to be somebody else, but...well, the things people seem to want to do surprise me daily. Sometimes they surprise me on a minute by minute basis. :lol:

[Edited on 12-18-2005 by HarmNone]

Is there any verification that the person sending in the information is the person who is actually the correct person?

I mean, feasably I could send you an email with the posting name and my 'new' email address and now have effectively taken over another's PC account. >>

I saw this as a concern as well.

It is a concern, no doubt. It would be difficult for a person to take over a very active account, since we're pretty aware of these people and how they post, how they use language, etc. An old account, or one not used often could, theoretically, fall victim to an imposter. However, I'd expect the real poster to let me know pretty quickly if they're still active. If they're not still active, it probably wouldn't make much difference.

Again, I can't imagine anybody wanting to take the account of someone posting on a message board, but stranger things have happened. People do forget their passwords, and are often U2Uing or emailing to get another sent to them. There's no way we can absolutely insure they're the correct person; at least, not on these boards.

Outstanding security protocols in place here.. just because major portions of the patriot act failed doesn't mean it has to extend to the PC.

i am so gonna take over ganalon's account. mwhahahahahhaaha

This is Kranar, i am using this name because i lost my password, plz u2u it to me

???

Unless you:
1) Know the other person's e-mail address
and
2) Can access the other person's e-mail address
or
3) Are Caels
then nobody can feasibly retrieve your password.


and I'll have the system send you a new password.
I'm assuming what HarmNone is doing is no different than requesting a password through the login page. If this is the case, it's as secure as you can get: you need to be able to access the person's e-mail address to get the password. I've requested HarmNone's password before, and it was reset, but since I do not know her e-mail password I couldn't stealx0r her PC password. I did confuse her, though, since she couldn't log in until she checked her e-mail.

The scenario is that a person requesting a new password use the excuse that they have a new email address. Ergo verification by the system is rendered ineffective.

How many of you have the same email address that you had when you first registered with the PC?

I know mine has changed, and I dont have mine registered on the PC because of a certain stalker who not only stalks my posts here, but also stalks me on the OOC channel.

Originally posted by hectomaner
i am so gonna take over ganalon's account. mwhahahahahhaaha

I knew it!!!

Its all because I told you to change that crotch hypnotic avatar isnt it!

You'll take over my identity then make amorous gestures at people like Tabor and Seany Digital in my name. My reputation will be ruined!!!

Or worse yet, go wild in the politics folder and start agreeing implicitly with everything that Backlash and Warriorbird post. That thought makes me want to eat a bullet. :(

Next I'll have to sell all my characters and go play WoW or something. :(

[Edited on 12-18-2005 by Ganalon]

<<The scenario is that a person requesting a new password use the excuse that they have a new email address. Ergo verification by the system is rendered ineffective.>>

Then make a new account and stfu. It's not the Admin's fault that you don't have the same e-mail address.

<<How many of you have the same email address that you had when you first registered with the PC?>>

I do, as do a lot of people.

<<I know mine has changed, and I dont have mine registered on the PC because of a certain stalker who not only stalks my posts here, but also stalks me on the OOC channel.>>

2 bad?

Wrong Bob. The goal was to ask about the security methods of verifying password issuance and verification based on a requestor with a different email. That was indeed a valid question. Ergo your response to STFU, 2 bad, or to start up another account is immature and insufficient at best.

Pull your head out of your ass please, its becomming annoying.

[Edited on 12-18-2005 by Ganalon]

<<The goal was to ask about the security methods of verifying password issuance and verification based on a requestor with a different email.>>

The answer should undeniably be, "Too bad, make a new account."

Any other method is asking for insecurities.

Originally posted by Bobmuhthol
<<The goal was to ask about the security methods of verifying password issuance and verification based on a requestor with a different email.>>

The answer should undeniably be, "Too bad, make a new account."

Any other method is asking for insecurities.

And thats the reason why this forum was vastly different from the the simliar attitudes of yours as were found on the Klaive forum.

I'm certainly glad you're not in any position of moderation or authority here, else there would be few who would remain posting with an attutude that you currently display.

Okay.

Bob's a teenager. He's obviously having some "angst" or something.


-TheE-

Obviously.

Originally posted by Xyelin
Outstanding security protocols in place here.. just because major portions of the patriot act failed doesn't mean it has to extend to the PC.

This version of the XMB boards (Partagium) is a security nightmare. That's why Kranar is working on getting us set up on a better, more secure, and more efficient system. :)

All XMB has terrible security. It's even worse in 1.9 Beta.

IS MY MEGAHURTZ SAFE?

okay Hulk, that made me giggle a little. :D

Originally posted by Bobmuhthol
All XMB has terrible security. It's even worse in 1.9 Beta.

It won't be XMB.

Originally posted by CrystalTears
It won't be XMB.

Yep!

Yay!

<<It won't be XMB.>>

I'm aware.

vBulletin plz.

http://metasploit.com/projects/Framework/exploits.html#php_vbulletin_template

I just like the layout of vB. Don't know how secure it is, and didn't mean to insinuate that, if it was taken that way.

I took it as a personal taste suggestion, but was just pointing out mainly to the Admins that it took me about 90 seconds to find a way to hack it.