Hi guys,
BOINC plans to remove authenticator-based login support, for the website first but eventually across the board, to finally strengthen its security model. We think that this is a very important and overdue step, but we'd also like to know what you think about that, focusing on the website login first. Do you depend on it? If so, why?
Thanks for sharing,
Oliver
Einstein@Home Project
Copyright © 2024 Einstein@Home. All rights reserved.
The only usage case I can think of (but never had to use) would be if I had changed my e-mail and not updated the account information, and then also forgotten my password. So I can't get a new password, as I would not have access to the old e-mail, and as it's required to have an account and be logged in to post in the message boards or send a PM, I can't ask for help.
Some sort of help from an admin to get access to the account would be nice but then how do I prove it's my account and that I'm not trying to get access to someone else's account?
Holmis wrote: The only usage ...
I can report that there have been a half-dozen users who have had this problem: old account with old, inaccessible email. Thus they cannot reset their password. I had them log in via their authenticator to PM me, so as to prove they owned the account.
Einstein@Home Project
Yep, that's a valid concern. However, the question is whether this tiny use/edge case would justify keeping the arguably weak security that's currently in effect, for everyone. I doubt it. To be honest, there's only so much you (read: we) can do. So, if you maneuvered yourself into the situation you described, then you might just have to face the consequences and start over with a new account. It wouldn't be the end of the world. IOW, try to avoid running into such a problem by keeping your passwords safe in the first place. Don't you agree?
Thanks
Einstein@Home Project
Shawn Kwang wrote: I had them ...
That could still be done by just telling you (an admin) the authenticator over an encrypted channel. No need for an actual login.
Oliver
Einstein@Home Project
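The out-of-band check Oliver describes (the user hands the authenticator to an admin over an encrypted channel, nobody logs in with it) is what the following added example sketches. It is not code from BOINC or Einstein@Home. Assumptions: accounts live in an in-memory store, the authenticator is kept as a SHA-256 hash (the thread says nothing about how BOINC actually stores it), failed checks are rate-limited per account, and a successful check lets the admin fix the stale e-mail and rotates the authenticator, because a recovery token that has been read by a human should not stay valid.

```python
"""Admin-side proof-of-ownership check for a locked-out account.

Added example; not BOINC/Einstein@Home code. All names and storage
details are assumptions made for the illustration.
"""
import hashlib
import hmac
import secrets
import time

MAX_ATTEMPTS = 5          # failed checks tolerated per account ...
WINDOW_SECONDS = 3600     # ... within this window


def hash_authenticator(authenticator: str) -> str:
    """Store only a digest so a database leak does not leak live tokens."""
    return hashlib.sha256(authenticator.strip().encode()).hexdigest()


class AccountStore:
    def __init__(self):
        self.accounts = {}    # user_id -> {"email": str, "auth_hash": str}
        self.attempts = {}    # user_id -> timestamps of failed checks
        self.audit = []       # (timestamp, user_id, outcome)
        # Digest compared against for unknown accounts, so the timing of a
        # check does not reveal whether an account exists.
        self._dummy_hash = hash_authenticator(secrets.token_hex(16))

    def create(self, user_id: str, email: str) -> str:
        """Create an account; returns the one-time-visible authenticator."""
        authenticator = secrets.token_hex(16)   # 32 hex characters
        self.accounts[user_id] = {
            "email": email,
            "auth_hash": hash_authenticator(authenticator),
        }
        return authenticator

    def _recent_failures(self, user_id: str, now: float):
        return [t for t in self.attempts.get(user_id, [])
                if t > now - WINDOW_SECONDS]

    def verify_ownership(self, user_id: str, submitted: str, now=None):
        """Return (ok, reason). reason is one of
        'verified', 'mismatch', 'rate_limited'."""
        now = time.time() if now is None else now
        if len(self._recent_failures(user_id, now)) >= MAX_ATTEMPTS:
            self.audit.append((now, user_id, "rate_limited"))
            return False, "rate_limited"

        acct = self.accounts.get(user_id)
        expected = acct["auth_hash"] if acct else self._dummy_hash
        # Constant-time comparison of equal-length hex digests.
        ok = hmac.compare_digest(expected, hash_authenticator(submitted))
        ok = ok and acct is not None

        if not ok:
            self.attempts.setdefault(user_id, []).append(now)
            self.audit.append((now, user_id, "mismatch"))
            return False, "mismatch"

        self.attempts.pop(user_id, None)
        self.audit.append((now, user_id, "verified"))
        return True, "verified"

    def admin_reset_email(self, user_id: str, submitted: str,
                          new_email: str, now=None):
        """The stale-e-mail case from the thread: after proof of ownership,
        point the account at a reachable address so the normal password
        reset works again, and rotate the (now disclosed) authenticator.
        Returns (True, new_authenticator) or (False, reason)."""
        ok, reason = self.verify_ownership(user_id, submitted, now)
        if not ok:
            return False, reason
        new_authenticator = secrets.token_hex(16)
        self.accounts[user_id]["email"] = new_email
        self.accounts[user_id]["auth_hash"] = hash_authenticator(new_authenticator)
        return True, new_authenticator


if __name__ == "__main__":
    store = AccountStore()
    token = store.create("volunteer42", "old@example.invalid")  # constructed sample
    print(store.verify_ownership("volunteer42", "not-the-token"))
    print(store.admin_reset_email("volunteer42", token, "new@example.invalid")[0])
```

The design choice worth noting is the rotation step: the authenticator is handed to a person during recovery, so it is treated as burned and replaced, which is also why it is never accepted as a login credential here. The rate limit is per account rather than per source address, since the attacker model is someone guessing a specific volunteer's token.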
I agree that the security concerns outweigh the case I described. A user finding himself/herself in that situation could create a new account and then contact a project admin (we need to get the roles displayed in the forum!) to get access to the old account, thereafter abandoning the new account or having it deleted.
However, this procedure might need some documentation, and I believe a good place for it would be on the page shown after one clicks the "request new password" link, replacing the "authenticator-based login" link maybe?
Holmis wrote: could create a ...
Not sure what you mean by that, but we should discuss the details in JIRA as part of the actual change to remove the authenticator. Right now I want to use this thread to get an idea of how that would affect people and make sure we don't overlook any use cases.
Oliver
PS: FYI, at least all admins should have a signature that shows they're part of the E@H team.
Einstein@Home Project
If a user had accumulated quite a bit of history in the old account but then life got in the way for a period, the email might have changed and the password might have been 'lost', so the user could just create a 'throw-away' account purely for the purpose of getting admin attention to allow a password reset for the old account. I think Holmis was alluding to something along those lines.
I have no problem with the authenticator going as I can't remember ever needing to use it for login purposes. I would support Holmis' suggestion to put simple recovery instructions for what to do if the email is no longer current and the password has been lost.
Whilst using the authenticator to circumvent a lost password is a technical matter, I suspect that a lot of users may miss seeing the message in 'Technical News' because, well ..., they try to avoid getting too technical! :-). Perhaps those users aren't really the target demographic anyway :-).
I suspect there are lots of people who have signatures turned off to avoid all the totally useless, bandwidth-sapping bling that people insist on cramming into a signature. I did that way back in the beginning when (with a slow internet connection) I got frustrated with how long it took to download or refresh threads. Turning off signatures made a huge difference. If possible, it would be better to have it where it can't be turned off.
Cheers,
Gary.
Quote: Gary Roberts
Yes, that's what I was trying to describe. It could hold a lot of value for a volunteer to be able to resurrect an old account with its history and credit compared to starting over on a new account.
I've kept the signatures turned off for quite some years now. Not primarily because of bandwidth constraint but rather screen space and readability.
On the old website the roles of admins, scientists, forum moderators etc. were displayed under the username on the left, along with the join date, posts, credit etc.
I think that would be a better place for it and I seem to remember it was part of a ticket on JIRA but can't find it.
Sorry for going a bit off topic, now let's see if anyone else has anything to add!
Gary Roberts wrote: Perhaps ...
Correct, hence my choice. What would be better suited? Any other forum would be actually "remote" to those casual users I think and a standard news posting would be too far reaching (as would be personal emails to everyone).
Signatures are a workaround. There's been a ticket to add the roles to the user profiles but it's rather low prio compared to others.
Einstein@Home Project