At the minute users register to your site with a single emails dress that is used for all password recovery and notifications. However, should the user lose access to this email, they will also be unable to reset their passwords. There are a lot of sites out there that allow suers to add an additional recovery email as well as their standard email which is only used for password recovery and not notifications. I think this would be a useful addition that is becoming more and more standard across the web. Added to 2FA everywhere, this gives users more control over their account and recovery options.
cool
I Agree with this
Definitely agree with this. It sure would help a lot of members (at least on my forums).
I like this idea.
I would prefer a secret security question/answer over a second email address. Nowadays you have so many email addresses and some people change them over the time. I don't know if it is a benefit if you provide them two (or more) possibilities instead of one when registering. If they forget number one (because it is too old) they will forget number two as well.
(2016-02-27, 01:45 PM)Amaryllion Wrote: [ -> ]I would prefer a secret security question/answer over a second email address. Nowadays you have so many email addresses and some people change them over the time. I don't know if it is a benefit if you provide them two (or more) possibilities instead of one when registering. If they forget number one (because it is too old) they will forget number two as well.
Security questions usually provide very poor security; if you enter a personal e-mail address in addition to a work/school/website address you'll still be able to recover your account should the latter become unavailable (which is not uncommon).
(2016-02-26, 10:50 PM)Euan T Wrote: [ -> ]At the minute users register to your site with a single emails dress that is used for all password recovery and notifications. However, should the user lose access to this email, they will also be unable to reset their passwords. There are a lot of sites out there that allow suers to add an additional recovery email as well as their standard email which is only used for password recovery and not notifications. I think this would be a useful addition that is becoming more and more standard across the web. Added to 2FA everywhere, this gives users more control over their account and recovery options.
I like the idea. in addition to that, what about possibly adding a cell phone number to your account so the forum system can send you a text with some random X digit code before you can reset your password like some sites have...
(2016-02-27, 02:31 PM)Devilshakerz Wrote: [ -> ] (2016-02-27, 01:45 PM)Amaryllion Wrote: [ -> ]I would prefer a secret security question/answer over a second email address. Nowadays you have so many email addresses and some people change them over the time. I don't know if it is a benefit if you provide them two (or more) possibilities instead of one when registering. If they forget number one (because it is too old) they will forget number two as well.
Security questions usually provide very poor security; if you enter a personal e-mail address in addition to a work/school/website address you'll still be able to recover your account should the latter become unavailable (which is not uncommon).
agreed.
I really don't see the point of a second e-mail address. The user should secure their emails accounts to be able to recover them instead.
I have so far never come across a site that requests this info to me IIRC.