New Topic Subscription Options |
Change of Email Address
Forums: Suggestions and Feedback | |||
|
|||
Participant: Log in to see names |
Thursday, November 6, 2014 at 4:36 AM
Hi, I'm not sure why I haven't noticed this before after all these years but I've just changed a Classmate's Email address for them and the message that appears says it will send an Email to him to tell him it's been done. Unfortunately, it says the Email will go to the Email address I've just changed, which is no longer in use. Just thought I'd mention it.
|
||
|
|||
Participant: Log in to see names |
Thursday, November 6, 2014 at 8:15 AM - Response #1
It is working as designed. Sending to the OLD email address is a way to help prevent dishonest admins (yes, it happens) from changing the classmate's email and password to their own and reading their Message Center messages and then changing the email address back to what it was previously. We understand that sometimes sending to the old email address might bounce because it is no longer in use, but if the email is still good, at least the classmate will know that their profile has been compromised and that they need to change their login credentials again.
|
||
|
|||
Participant: Log in to see names |
Thursday, November 6, 2014 at 11:17 AM - Response #2
Thanks, Kyle. Interesting,I suppose it makes sense, and I understand the reasons for using the old Email address now but if, by some extreme coincidence, that old Email address is no longer in use when the alert is sent out they won't know the Email address has been changed until they go to Log In again. It's a remote possibility. I assume the nosey Admins you talk about change the Email address back after they've finished their spying? If so won't the Classmate get two alerts? If so, it'll probably be the culprit (the Admin) he asks "What's been going on?". Does similar happen with a change of Password, as an Admin will need to do that to Log In as the Classmate won't they?
|
||
|
|||
Participant: Log in to see names |
Thursday, November 6, 2014 at 12:43 PM - Response #3
Two alerts would not go out. A first alert would go to the original address. But the next alert would go to the "new" address when that address is changed back to the original address. Yes, the admin would need to change the password, but the account owner would not know that the password was changed until they try to log in and can't, due to the password being changed. When that occurs, they would be able to do a forgot password to have a link sent to them so that they can then log in. Either way, yes it would look suspicious to the account owner and only an admin would be able to pull off the above scenario. I have never had anyone report to me that they have suspected a situation like this happening.
|
||
|
|||
Participant: Log in to see names |
Thursday, November 6, 2014 at 1:24 PM - Response #4
Scott Mastenbrook wrote: I have never had anyone report to me that they have suspected a situation like this happening. But Kyle said it does happen. It's why the system works the way it does. (could be it happened when CC first started without this safety?) Kyle Erickson wrote: ... (yes, it happens) ...
|
||
|
|||
Participant: Log in to see names |
Thursday, November 6, 2014 at 3:59 PM - Response #5
To clarify - I have not heard of any admins who behaved in such a manner. I have been here for 5 years... I recall no reports of this during that time. However, I do not see every single task, so it is possible that I may have missed an incident. If it were an issue that happened more frequently, I'm certain that we would have needed to add further precautions.
|
||
|
New Topic |
Subscription Options: Have all new forum posts sent directly to your email. |
Subscription options are available after you log in. |