1. osu! forums
  2. osu!
  3. Feature Requests
  4. Completed Requests
This is a feature request. Feature requests can be voted up by supporters.
Current Priority: +0
posted
I mean via old E-mail if you're changing account E-mail. That should protect users from account theft.
Cuz account theft is bad thing and protecting the users from account theft should be always good.
I hope it's isn't a duplicate.
posted
You already need to enter your password in order to change your email address. If someone has your password, the account is already stolen, so I don't see much point in this.
posted

MillhioreF wrote:

You already need to enter your password in order to change your email address. If someone has your password, the account is already stolen, so I don't see much point in this.
What he's telling is:
When someone steals your password and logs into your account, he can change your E-Mail/ Password without any problem, which results in the account completely being unable to access for you.

If you have to confirm an E-Mail first, he'd have to steal your E-Mail, too in order to take away your access to your account.

I guess that's what he's talking about.
posted

MillhioreF wrote:

You already need to enter your password in order to change your email address. If someone has your password, the account is already stolen, so I don't see much point in this.
If account password was stolen?
posted
sLaiNi is kind of right. It would be good to include at least a backup means of verification that doesn't require something already used to access the account. So, for example, you could have a security question (Or two) that can be used to override.

Regardless, if you find unathorized usage of your account, you can mail the support team and let them know. They can verify if your account is being used by another address. That's probably a good step in the right direction on any account stealing.
posted
I 100% think this should be implemented.
posted
I forgot my e-mail password :(. Well this is useful but I don't know what to do if I forgot my e-mail o:
posted

XinCrin wrote:

I forgot my e-mail password :(. Well this is useful but I don't know what to do if I forgot my e-mail o:
You should use an email address that you actually know.
posted
To be honest, this should be implemented in general. The point Millihore have stated wouldn't make sense when someone would obviously have your password if your account was stolen.
posted

Kitokofox wrote:

sLaiNi is kind of right. It would be good to include at least a backup means of verification that doesn't require something already used to access the account. So, for example, you could have a security question (Or two) that can be used to override.
I agree strongly with this, since it allows a user to protect their account using means that would not obviously be available to one who had already gotten the password and accessed the account.
This is better in my opinion than sending a confirmation e-mail for cases in which the user is trying to change the e-mail associated with their osu! account because of not being able to access the e-mail, and being unable to change it because changing the e-mail would require an e-mail confirmation, on the e-mail they can't access...
posted
We currently have the verification system which appears if you either want to do changes on your profile or to your userpage. It obviously doesn't help when your account is stolen but for this there will be something added in the future from what I heard. At all, the point of this request does exist.
Please sign in to reply.