Changing email confirmation to current email

[adaaamb]

Hey,

Right now, when an email is changed on a forum, the confirmation of the new email is sent to the new email. This is good because the new email obviously needs to be confirmed, but it's also highly insecure. If a forum account was compromised, they can do everything including changing the email and password of the account.

I would like a security feature that requires a confirmation from the current email address prior to sending the confirmation to the new email address. It would look something like:

Username,

Somebody has requested to change your email address on Board Name. To authorise this change, please click here. If this wasn't you, please report this to the board staff and change your password immediately.

If possible, this could also be implemented for password changes, where a user has to confirm a new password via their current email.

Thanks

 

[adaaamb]

Nothing at all?

 

[LemmeSeeHim]

I'm surprised that 11 years later this is not a core feature.

 

[Blatchy]

I'm surprised that 11 years later this is not a core feature.

i have something like that on my forum.. check it out https://www.overallowed.com/ (create account, then change email or password) I will just release it on my site for free if its something people are interested in.

 

[Sim]

I'm surprised that 11 years later this is not a core feature.

To be fair, 2FA renders this issue largely irrelevant - far less likely to have accounts get compromised if they use 2FA.

It also breaks when people lose access to their current email address, but can still log in to the site - indeed, this is likely to be the main reason why people change their email address, so by blocking them from changing it if they can no longer access their existing email, would create more support work.

 

[Blatchy]

To be fair, 2FA renders this issue largely irrelevant - far less likely to have accounts get compromised if they use 2FA.

That therein lies the issue. A good chunk of admins I come across dont have it enabled.

 

[Sim]

That therein lies the issue. A good chunk of admins I come across dont have it enabled.

I really don't understand why you wouldn't enable 2FA. You don't have to force users to use it and giving them the choice to protect their accounts is a pretty reasonable thing to do IMO.

I suspect the main reason admins don't enable it is because they don't understand it and are scared it's going to create a lot more work for them.