[IRCServices] Re: [ IRCServices] Suggestion

[Imran Ali Rashid]

> One month ago I was asking about a SENDPASS command in NickServ.
> Some people from the list replyed that it is not possible to send the password
> as long as the encryption is not reversible.
> But Lonewolf pointed out that would be nice to make services reset the
> password (/*to some rand chars*/) and send it to user.

How about having it if encryption isn't used and changing the password if it is?
There was a discussion on this and its on Andrew's todo list.
I've forgotten what was suggested as regards to allowing the user to use this,
or only the services admins.

> But this is just a half of the problem. The other half is that a
> password-thief will change the email address as soon as he has the password
> for a nick...so any new passwords will be sent to a wrong address. This is the
> reason I was talking about a parallel db read-only for regular users...

How about having the email address(the old one) in the log file instead of having a
separate db. Anything to stop from having another db :-)

> When to insert a new email? Only at registration time? And what to do with
> users changeing email address? etc).

this is the only issue currently associated with the new db idea, the rest are easy to avoid.

> It's a long story...that's why I sayd it may sound stupid...but I guess there
> are others too who have this kind of problems with stolen nicks.

Stupid is not a nice word to use :-)
Nothing is stupid, well almost nothing, and this doesn't come under it.

> 
> Partizanu
> 
> 
> Imran Ali Rashid wrote:
> 
> > 2. Implement a sendpass command which services admins may use to
> >     have services send the password to the users email address.