[IRCServices] Suggestion

[Andrew Church]

>>I think it would be nice to see a "Last modif by" when useing "/msg
>>chanserv access #channel list".
>
>     I'm not sure of the value of this compared to the amount of
>bookkeeping it would take.
>
>>And another thing...this is more a question then a suggestion.
>>We have problems with users takeing others nickname password.
>>We enforced the use of an email adress when registering a nickname, but
>>of course, first thing when somebody take a password is to change that
>>address. So we don't have any sure way to check if the new password goes
>>to the right address.
>>
>>And I was thinking...I know it may sound silly...but can we have a
>>duplicate db with emails that can be changed just by services admins? Or
>>any other way to secure this thing? Ideas? Suggestions? Thanx a lot.
>
>     Since users having their passwords taken almost certainly means they
>chose an easy-to-guess password, the right solution is to educate the
>users.  I don't see why Services should have to run through hoops to try
>and solve this problem.  (Of course, if your server is being
>packet-sniffed, then you have other problems altogether.)

     Another thought just occurred to me: since Services logs the
user at host mask used to register a nick, you can check your logs for the
mask in use when the nick was registered, and compare that with the one
in use currently.  I do think it would be reasonable to record the E-mail
address used with the REGISTER (or SET EMAIL) command, so I'll look into
doing that.

  --Andrew Church
    achurch at achurch.org | New address - please note.
    http://achurch.org/ | メールアドレスが変わりました。