Change a username?

General technological topics without their own forum go here

Change a username?

Post by QueenC on Tue Apr 08, 2014 2:39 pm
([msg=80177]see Change a username?[/msg])

My username sucks. I am but a lowly script kiddy, but i still want a better user name then what has been my email account for the last eight years. Do I have to delete my account? and if so, how would I do that?
QueenC
New User
New User
 
Posts: 4
Joined: Sun Mar 16, 2014 5:53 pm
Blog: View Blog (0)


Re: Change a username?

Post by 0phidian on Tue Apr 08, 2014 3:02 pm
([msg=80181]see Re: Change a username?[/msg])

Just create a new account. I dont know if you can delete the old one.
User avatar
0phidian
Poster
Poster
 
Posts: 277
Joined: Sat Jun 16, 2012 7:04 pm
Blog: View Blog (0)


Re: Change a username?

Post by -Ninjex- on Tue Apr 08, 2014 3:50 pm
([msg=80182]see Re: Change a username?[/msg])

0phidian wrote:I dont know if you can delete the old one.


As of now, you can not delete your account.
I don't see why this isn't an option yet, it's a fairly simple addition :?
image
For those that know
K: 0x2CD8D4F9
User avatar
-Ninjex-
Moderator
Moderator
 
Posts: 1691
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: Change a username?

Post by pretentious on Tue Apr 08, 2014 11:20 pm
([msg=80184]see Re: Change a username?[/msg])

-Ninjex- wrote:
0phidian wrote:I dont know if you can delete the old one.


As of now, you can not delete your account.
I don't see why this isn't an option yet, it's a fairly simple addition :?

Pretty sure it's a security measure so if an exploit is found https://www.hackthissite.org/forums/viewtopic.php?f=37&t=10064&hilit=csrf. It limits the potential damage.
create a new account, update the pic, redo the missions and let the old account gather dust, That's what I did
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
Can you say brainwashing It's a non stop disco
User avatar
pretentious
Addict
Addict
 
Posts: 1217
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: Change a username?

Post by -Ninjex- on Wed Apr 09, 2014 3:58 pm
([msg=80189]see Re: Change a username?[/msg])

With proper authorization and tokens in place, it shouldn't be a problem.
Keeping backups of the account for about a month (in case something malicious did happen) and having users verify via email confirmation can also mitigate potential threats; assuming XSRF was able to delete a users account.
image
For those that know
K: 0x2CD8D4F9
User avatar
-Ninjex-
Moderator
Moderator
 
Posts: 1691
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: Change a username?

Post by cyberdrain on Thu Apr 10, 2014 4:09 pm
([msg=80207]see Re: Change a username?[/msg])

QueenC wrote:Do I have to delete my account?

You don't have to and even then you need a valid reason/emergency for it. You can create as many accounts as you like (within reason that is), so go ahead and be creative :)

-Ninjex- wrote:With proper authorization and tokens in place, it shouldn't be a problem.<br>Keeping backups of the account for about a month (in case something malicious did happen) and having users verify via email confirmation can also mitigate potential threats; assuming XSRF was able to delete a users account.

This also prevents people from impersonating a previous user in addition to protecting users. I don't think keeping backups of accounts for a month will be good enough, sometimes people return after a few years even. You could say it's their own fault if their mail is also compromised, but I would rather have the policy be based on safe than sorry. Besides, the only thing those accounts take up is space and probably very small amounts too, something that's not a problem with the current state of hard-disk storage.
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Change a username?

Post by pretentious on Fri Apr 11, 2014 1:29 am
([msg=80212]see Re: Change a username?[/msg])

cyberdrain wrote:
QueenC wrote: the only thing those accounts take up is space and probably very small amounts too, something that's not a problem with the current state of hard-disk storage.

I agree the space would be small and I can only speculate but I've got a feeling the database set up is somewhat complex(forum account and main etc) and I recon it would be more trouble than it's worth(considering development resources) to add the feature even if they wanted to. Then again database design/admin isn't exactly my strongest field. HTS doesn't use phpmyadmin do they? :)
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
Can you say brainwashing It's a non stop disco
User avatar
pretentious
Addict
Addict
 
Posts: 1217
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: Change a username?

Post by cyberdrain on Fri Apr 11, 2014 7:02 am
([msg=80215]see Re: Change a username?[/msg])

What I meant to say was, I don't see any point in the ability to remove a username (unless there's an emergency), so I agree on the development time being spent on more useful features. I think you messed up that quote though.
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Change a username?

Post by -Ninjex- on Fri Apr 11, 2014 7:55 am
([msg=80216]see Re: Change a username?[/msg])

cyberdrain wrote:I don't think keeping backups of accounts for a month will be good enough, sometimes people return after a few years even. You could say it's their own fault if their mail is also compromised, but I would rather have the policy be based on safe than sorry.


It wouldn't be for returning users. For instance, if someone gained physical access to your computer while you were away and managed to delete your account. This could prevent something of that nature. As a matter of fact, it would probably be best to send an email to the user notifying them that there account will be removed in X amount of time, and at any point between that time period, they may reverse the removal. However if they don't in that time frame (say a month) then the account will perish.

-- Sat Apr 12, 2014 1:29 am --

pretentious wrote:HTS doesn't use phpmyadmin do they?

I don't think so, and this really shouldn't make the task harder.
I can communicate with a database without phpmyadmin very easily, and I know the developers who run things; they have experience and talents over me and I'm sure they could as well.
image
For those that know
K: 0x2CD8D4F9
User avatar
-Ninjex-
Moderator
Moderator
 
Posts: 1691
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: Change a username?

Post by cyberdrain on Fri Apr 11, 2014 8:12 am
([msg=80218]see Re: Change a username?[/msg])

-Ninjex- wrote:It wouldn't be for returning users. For instance, if someone gained physical access to your computer while you were away and managed to delete your account. This could prevent something of that nature. As a matter of fact, it would probably be best to send an email to the user notifying them that there account will be removed in X amount of time, and at any point between that time period, they may reverse the removal. However if they don't in that time frame (say a month) then the account will perish.


I still don't see why we need the feature though, I mean it's been working like this forever and if it ain't broken...
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Next

Return to General

Who is online

Users browsing this forum: No registered users and 0 guests