The password recovery scheme is so poorly designed, that's borderline scary: You... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

olouv on July 31, 2014 | parent | context | favorite | on: Stellar

The password recovery scheme is so poorly designed, that's borderline scary: You can't use the recovery code sent by email after registration without validating your email first (but since you have the code, your email is obviously valid)... which requires you to login (but if you don't have your password, well, you can't log in)... Great!... one lost account for me.

muneeb on Aug 1, 2014 | [–]

+1, the recovery code shouldn't go out in plain text email. Also, I picked a weak password just to quickly make an account and I can't seem to change it, hmmm.

tribaal on Aug 1, 2014 | [–]

And there is no way to change your password.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact