I am using the email address as a username and am allowing users to change their email... which obviously also changes their login. Is there any reason why allowing this flexibility would be a problem? users are tracked with userid.
thanks
Don't make your e-mail address your user ID Using your e-mail address to sign into accounts has its benefits. Your ID is unique and easy to remember, and it makes it simple for a service to contact with you when, say, you forget your password. But in some cases, the risks of doing so could outweigh the benefits.
Most people think email names and email usernames are the same things. They're not. An email name (also known as a sender name) is the name that's displayed when you send an email. Your email username, however, is your email address.
The "already in use" message means that you are attempting to register an account, but there is already one registered using your email address. To log in, use the "Log in" button highlighted in the attached screenshot.
The capability of changing the mail address is essential, otherwise a user might lose all his data on your site because he might no longer be able to access it (password recovery wouldn't work anymore).
Just make sure the new e-mail address is verified and keep the old one (and only that one) active until the verification is performed!
I don't exactly understand what you mean with
my concern is that i can pass my account to someone else and that new person inherits the prior persons history but can change the email AND the display name, and be a complete fraud
Should somebody pass his account so someone else, your outta luck. Even if you required short message pin / cellphone authentication, you'd still have to give the user the option to also change his cell number.
Snail mail and real names (i.e., the banking approach) are an option, but that is slow and quite expensive.
I would recommend keeping track of both old and new e-mails and allow them to login with either. FogBugz has a username field as well as e-mail with support for multiple e-mail addresses and users can login with any e-mail address or their chosen username.
Don't make things harder for the user when it's easy to program around.
If your system contacts the user with information regarding his/her account via e-mail, I think allowing the user to change his/her e-mail should be allowed.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With