[IRCServices] Re: [Imran Ali Rashid - IRCServices] Suggestion

Strider strider at chatcircuit.com
Mon Mar 19 16:43:18 PST 2001 

The parallel db sounds good, but the only way I can see that working well
would require a small network and/or a lot of admins. Unless you make it to
where once set, it never ever changes. Another problem arrises though with
this. If the email is to never change if the nick is taken over, that would
me not changing even when the nick is dropped. This could cause problems
with nicks that are dropped by the right person (either the owner or oper)
and someone down the road wants to use the nick. On a small network such as
mine this probably isn't a big problem, but if you have a large network with
many registrations in a day, then it could be difficult to keep up with.

Beau (Strider) Steward
chatcircuit administrator and 6bit band member
strider at chatcircuit.com        www.chatcircuit.com
ircadmin at chatcircuit.com     irc.chatcircuit.com
strider at 6bit.net                    www.6bit.net
----- Original Message -----
From: "Partizanu" <silvius at expres.ro>
To: <ircservices at ircservices.za.net>
Sent: Sunday, March 18, 2001 8:44 AM
Subject: [IRCServices] Re: [Imran Ali Rashid - IRCServices] Suggestion


> One month ago I was asking about a SENDPASS command in NickServ.
> Some people from the list replyed that it is not possible to send the
password
> as long as the encryption is not reversible.
> But Lonewolf pointed out that would be nice to make services reset the
> password (/*to some rand chars*/) and send it to user.
>
> But this is just a half of the problem. The other half is that a
> password-thief will change the email address as soon as he has the
password
> for a nick...so any new passwords will be sent to a wrong address. This is
the
> reason I was talking about a parallel db read-only for regular users...
> Again, the idea may sound stupid and it has a lots of "bugs" in it (eg.
How
> and When to sync the two databases? How to prevent that the
> "only-opers-can-modify" database will never sync with Nickserv database
and
> overwrite the good email address with the new/fake address from NickServ's
db?
> When to insert a new email? Only at registration time? And what to do with
> users changeing email address? etc).
> It's a long story...that's why I sayd it may sound stupid...but I guess
there
> are others too who have this kind of problems with stolen nicks.
>
> Partizanu
>
>
>
> Imran Ali Rashid wrote:
>
> > 2. Implement a sendpass command which services admins may use to
> >     have services send the password to the users email address.
>
>
> -----------------------------------------------------------
> To unsubscribe, mail ircservices-request at ircservices.za.net
> with the word UNSUBSCRIBE in the subject of the mail.
> http://www.ircservices.za.net/mailman/listinfo/ircservices
>