SIGN UP

Password Change Bug

Avatar Image
jim360 | 11:56 Sat 19th Jun 2021 | Editor's Blog
22 Answers
Following on from APG's post, I thought I would change my own password, in part to see why the system would not accept her new password. I found myself unable to do so...

Until, that is, I thought to enter the new password as my "current" password in the final box, and then it *was* updated. I have checked, and the new password is now accepted, so I've successfully changed my password now.

Needless to say, this is seriously flawed as a security measure. If an account is ever active and accessible (eg on a computer left briefly unattended), anybody could change the password without ever needing to know the original.

Answers

1 to 20 of 22rss feed

1 2 Next Last

Best Answer

No best answer has yet been selected by jim360. Once a best answer has been selected, it will be shown here.

For more on marking an answer as the "Best Answer", please visit our FAQ.
Or if you say lost or had a tablet or phone stolen, and you had it set to remember the site password or even logged on.
Jim -I've just tried that ( thanks) but all I got was a 'Passwords don't match' message.
Question Author
It worked when I did it, and I can confirm that my password has changed. All I can say is try again, possibly on a different browser, or just make doubly sure that all three versions of the new password match in the three cells.
Thank you Jim. Third time luck it worked -password now changed. Hope ed can get to the bottom of this -as you say -I changed my password without the need to provide my original one - thats bad!
If might be an idea to delete all your personal info from your profile (if you have any) in the meantime.
-- answer removed --
"just bloody annoyed AB admin could not care a hoot"

It's not that AB admin don't care, there is unikely to be any "admin" in at the weekend.

I think you have to accept this is a free to use site and management resources are limited, meaning no cover at the weekends.
Do I also have to accept that if there is a data leak/cyber attack call it what you like, on a Friday, then nothing is done about it until Monday morning? It would take literally seconds for admin to check the site twice a day.
What do you expect them to check?
Well they could start with their emails! Sent 2 so far with no response.
Whilst the company is based in Ke'rin isn't the techy-support based in Chile?
If there's no cover over the weekend there will be no response to your e-mails until to-morrow.
jackthehat
The site was built in Chile but the Content management system (or the back end) should be done by admin in the UK.
Anyone filling in their real details on their profile page must be mad!

Any data leak would include full name/ date of birth/ gender/marital status/full address including post code/phone number, along with interests and life motivations - and someone can change their password without inputing the old one, or even asking for a password change. Madness.
10.17 oh I understand now -admin can't/ won't access their AB emails by mobile phone on a weekend.....lol!
I've tried changing things on my profile page without success, despite guidance from a few, and Ab Editor. I gave up in the end.
^^^ because data is valuable. thats why I never use real data to sign up to anything.
Thanks for bringing this to our attention. This is not behaving properly and appears to be a new bug, so I have asked our development team to look into it.
APG:

// Well they could start with their emails! Sent 2 so far with no response. //

We have received no emails from you.

// Do I also have to accept that if there is a data leak/cyber attack call it what you like, on a Friday, then nothing is done about it until Monday morning? It would take literally seconds for admin to check the site twice a day. //

Our IT team would be alerted by our 24/7 system if there was a cyber attack on the site and it would be dealt with immediately.

// I an deal with that -just bloody annoyed AB admin could not care a hoot -god knows who is harvesting the site for data. //

Please, be more combative, it really makes me want to help.

1 to 20 of 22rss feed

1 2 Next Last

Do you know the answer?

Password Change Bug

Answer Question >>

Related Questions