Sharing passwords

  • 3 Replies
  • 233 Views

0 Members and 1 Guest are viewing this topic.

Offline rsidwell

  • *
  • Fractal Freshman
  • *
  • Posts: 7
« on: September 04, 2017, 04:52:04 PM »
The user registration agreement has the words "you agree to never give your password out to another person except an administrator". When would we ever need to share our password with an administrator? If that need arises, how can we confirm that the person asking for our password is in fact a real administrator and not someone spoofing an administrator?

Best security practice dictates to never share a password with anyone, even an administrator. I'm not against the current wording, but if there is no real need for administrators to know a user password please consider striking the words "except an administrator" from the agreement.

Linkback: https://fractalforums.org/discuss-fractalforums/5/sharing-passwords/191/

Offline Sockratease

  • *
  • Fractal Frankfurter
  • *
  • Posts: 541
    • Sockratease.com
« Reply #1 on: September 04, 2017, 05:08:53 PM »
Hello and welcome to the New Forums  O0

That's a default agreement.  I never thought twice about that wording.

But I can see where something like that may be needed under extremely rare circumstances  (like some sort of lost password with a malfunctioning password reset and the member wants their password temporarily reset to regain access to an account then change it again to something only they know)  (Yes, that has happened!).

Be assured we will NEVER request that or any other personal information!

To answer how you could be sure it's a real admin, the member would need to initiate the contact,  If an admin contacts you asking for such stuff, it is definitely a scam   C:-)

I know the user agreement is able to be edited, but have not looked for it.

Rest assured that your information is safe and confidential.  Your passwords are encrypted in an SQL Database and would be extremely complicated to extract from there, if it is possible at all.

Thanks for pointing that out.  We'll look into a revised User Agreement after we get everything configured and functioning as needed.
Study stupidity, kids. It's not getting smarter out there - Frank Zappa

Offline RedshiftRider

  • *
  • Global Moderator
  • *******
  • Dendritic Entity
  • Posts: 180
  • Dagomar Schreuder
    • Youtube
« Reply #2 on: September 04, 2017, 05:33:16 PM »
Well, we can be sure you read it completely. :P


Never thought it that way.

Offline WAUthethird

  • *
  • Fractal Phenom
  • ****
  • Posts: 51
« Reply #3 on: September 12, 2017, 11:00:48 PM »
Right, at least 1 person looks at those  ;)