Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

should i allow user to change email when using email as username? [closed]

I am using the email address as a username and am allowing users to change their email... which obviously also changes their login. Is there any reason why allowing this flexibility would be a problem? users are tracked with userid.

thanks

like image 880
zsharp Avatar asked Jan 25 '10 17:01

zsharp


People also ask

Should email address be used as username?

Don't make your e-mail address your user ID Using your e-mail address to sign into accounts has its benefits. Your ID is unique and easy to remember, and it makes it simple for a service to contact with you when, say, you forget your password. But in some cases, the risks of doing so could outweigh the benefits.

Is username same as email address?

Most people think email names and email usernames are the same things. They're not. An email name (also known as a sender name) is the name that's displayed when you send an email. Your email username, however, is your email address.

What if your email is already in use?

The "already in use" message means that you are attempting to register an account, but there is already one registered using your email address. To log in, use the "Log in" button highlighted in the attached screenshot.


3 Answers

The capability of changing the mail address is essential, otherwise a user might lose all his data on your site because he might no longer be able to access it (password recovery wouldn't work anymore).

Just make sure the new e-mail address is verified and keep the old one (and only that one) active until the verification is performed!

I don't exactly understand what you mean with

my concern is that i can pass my account to someone else and that new person inherits the prior persons history but can change the email AND the display name, and be a complete fraud

Should somebody pass his account so someone else, your outta luck. Even if you required short message pin / cellphone authentication, you'd still have to give the user the option to also change his cell number.

Snail mail and real names (i.e., the banking approach) are an option, but that is slow and quite expensive.

like image 81
mnemosyn Avatar answered Sep 28 '22 01:09

mnemosyn


I would recommend keeping track of both old and new e-mails and allow them to login with either. FogBugz has a username field as well as e-mail with support for multiple e-mail addresses and users can login with any e-mail address or their chosen username.

Don't make things harder for the user when it's easy to program around.

like image 31
Samuel Neff Avatar answered Sep 28 '22 00:09

Samuel Neff


If your system contacts the user with information regarding his/her account via e-mail, I think allowing the user to change his/her e-mail should be allowed.

like image 23
Anthony Forloney Avatar answered Sep 28 '22 01:09

Anthony Forloney