[IRCServices Coding] SENDPASS with encryption...
Craig McLure
Craig at chatspike.net
Wed Feb 4 16:08:24 PST 2004
i came up with that idea 3hours ago.. its not come thru yet thou :/
/****************************************
* Craig "FrostyCoolSlug" McLure
* InspIRCd - http://www.inspircd.org
* ChatSpike - http://www.chatspike.net
****************************************/
/****************************************
* From - Eric Murphy <emurphy at sporked.us>
* To - IRC Services Coding Mailing List <ircservices-coding at ircservices.za.net>
* Sent - 2004-02-04 21:05:03
* Subject - Re: [IRCServices Coding] SENDPASS with encryption...
****************************************/
/****** - Begin Original Message - ******/
>Possibly make it somewhat like the mail auth...
>
>User does something like /msg nickserv sendpass
>then nickserv sends the users registered email a random code
>then the user takes the code and does /msg nickserv [some command] code
>(possibly identify?) then nickserv lets them use /msg nickserv set
>password as though they were identified.
>
>Eric
>
>On Wed, 2004-02-04 at 13:08, Martin Pels wrote:
>> I'm looking forward to this module. It is what kept us from switching to
>> encrypted passwords.
>>
>> Here's some ideas on the abuse problem:
>> * Only allow usage of the command from hosts that are in the nickname's
>> accesslist
>> * Send the nick!user at host of the user that issued the command in the E-mail
>> (it won't prevent abuse, but at least you'll know who's been playing around)
>> * Give a notice to services operators/admins each time the command is issued
>> * Limit the amount of times the command can be used successively
>>
>> Hope this helps.
>>
>> Grtz,
>> Martin
>>
>> ----- Original Message -----
>> From: "Craig McLure" <Craig at chatspike.net>
>> To: "ircservices-coding" <ircservices-coding at ircservices.za.net>
>> Sent: Wednesday, February 04, 2004 4:47 PM
>> Subject: [IRCServices Coding] SENDPASS with encryption...
>>
>>
>> > I've been working on a module that allows use of sendpass whilst using
>> encrypted passwords (i'll contribute the source to Andy when complete for
>> inclusion in services), it will work by changing the users password, and
>> mailing them that.. but i cant find around other users using it miliciously
>> to aggrovate others..
>> >
>> > anyone got any idea on how this can be resolved? thanks :)
>> >
>> > /****************************************
>> > * Craig "FrostyCoolSlug" McLure
>> > * InspIRCd - http://www.inspircd.org
>> > * ChatSpike - http://www.chatspike.net
>> > ****************************************/
>> >
>> > ------------------------------------------------------------------
>> > To unsubscribe or change your subscription options, visit:
>> > http://www.ircservices.za.net/mailman/listinfo/ircservices-coding
>> >
>> ------------------------------------------------------------------
>> To unsubscribe or change your subscription options, visit:
>> http://www.ircservices.za.net/mailman/listinfo/ircservices-coding
>
>------------------------------------------------------------------
>To unsubscribe or change your subscription options, visit:
>http://www.ircservices.za.net/mailman/listinfo/ircservices-coding
>.
/******* - End Original Message - *******/