Camen Design Forum

Delete

(Leave this as-is, it’s a trap!)

To delete this post you must be either the original author or a designated moderator.
The content of the post will be removed but the name and date will remain.

  • The post will be removed completely from the thread, rather than blanked
  • Only posts on the last page of the thread can be removed completely (so as to not break permalinks)

RE[4]: Let's rewrite NoNonsense

Martijn

That way, if an account gets exploited, the creator himself can, at any time, close the account and prevent any damages.

This sounds a lot like Wikipedia’s “user committed identity” system: you can set-up an SHA hash for your profile to be able to prove you are the legitimate owner of the account in case of a compromised account: http://en.wikipedia.org/wiki/Template:User_committed_identity

In all fairness though, if you are going to be using this as your personal blog you probably want a slightly higher level of security than can be offered by NNF’s current simplicity. Some more up-to-date security practices (salted scrypt, or at least bcrypt, hashes for passwords) would be a start.

Or maybe go password less? Several people have been trying this in the last couple of months. One-time-passwords sent to an app or email address, or just an instant login link in an email message. This would be pretty simplistic for users, but is non-trivial to implement.

Your friendly neighbourhood moderators: Kroc, Impressed, Martijn