1 <!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 3.2//EN">
4 <TITLE> [IRCServices Coding] SENDPASS with encryption...
6 <LINK REL=
"Index" HREF=
"index.html" >
7 <LINK REL=
"made" HREF=
"mailto:ircservices-coding%40ircservices.za.net?Subject=%5BIRCServices%20Coding%5D%20SENDPASS%20with%20encryption...&In-Reply-To=">
8 <META NAME=
"robots" CONTENT=
"index,nofollow">
9 <META http-equiv=
"Content-Type" content=
"text/html; charset=us-ascii">
10 <LINK REL=
"Previous" HREF=
"002884.html">
11 <LINK REL=
"Next" HREF=
"002886.html">
13 <BODY BGCOLOR=
"#ffffff">
14 <H1>[IRCServices Coding] SENDPASS with encryption...
</H1>
16 <A HREF=
"mailto:ircservices-coding%40ircservices.za.net?Subject=%5BIRCServices%20Coding%5D%20SENDPASS%20with%20encryption...&In-Reply-To="
17 TITLE=
"[IRCServices Coding] SENDPASS with encryption...">Craig at chatspike.net
19 <I>Wed Feb
4 17:
42:
00 PST
2004</I>
21 <LI>Previous message:
<A HREF=
"002884.html">[IRCServices Coding] SENDPASS with encryption...
23 <LI>Next message:
<A HREF=
"002886.html">[IRCServices Coding] SENDPASS with encryption...
25 <LI> <B>Messages sorted by:
</B>
26 <a href=
"date.html#2885">[ date ]
</a>
27 <a href=
"thread.html#2885">[ thread ]
</a>
28 <a href=
"subject.html#2885">[ subject ]
</a>
29 <a href=
"author.html#2885">[ author ]
</a>
34 <PRE>so something like..
38 "You have recieved this e-mail because X!
<A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">Y at Z
</A> has requesed a sendpass on your nickname, if this is you, your password will be changed
39 by performing the following command on IRC: /ns setpass Craig
<AUTHCODE
> <NEWPASS
>
41 If you did not request the sendpass, your current password will remain in tact, and you can dis-regard this e-mail
"
43 Then if needed on IRC..
45 /ns setpass Craig
<AUTHCODE
> <NEWPASS
>
47 This means if someone attempted to miliciously use the command, the users 'current' password would still work, and its of no inconvieniance.
49 /****************************************
50 * Craig
"FrostyCoolSlug
" McLure
51 * InspIRCd -
<A HREF=
"http://www.inspircd.org">http://www.inspircd.org
</A>
52 * ChatSpike -
<A HREF=
"http://www.chatspike.net">http://www.chatspike.net
</A>
53 ****************************************/
56 /****************************************
57 * From - Aragon Gouveia
<<A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">aragon at phat.za.net
</A>>
58 * To - IRC Services Coding Mailing List
<<A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">ircservices-coding at ircservices.za.net
</A>>
59 * Sent -
2004-
02-
04 21:
08:
25
60 * Subject - Re: [IRCServices Coding] SENDPASS with encryption...
61 ****************************************/
63 /****** - Begin Original Message - ******/
65 ><i>Or why not just email some kind of random unique cookie which is then msg'd
66 </I>><i>to nickserv to reset and obtain the new password. Kinda like the auth
67 </I>><i>system for authorising new registrations...
69 </I>><i>That'll also take care of the insecure nature of emailing passwords. More
70 </I>><i>and more ircds are supporting ssl client connections. Getting the new
71 </I>><i>password over irc is favourable in that regard.
78 </I>>|
<i> By Martin Pels
<<A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">martinpels at hotmail.com
</A>>
79 </I>>|
<i> [
2004-
02-
04 22:
54 +
0200 ]
80 </I>>><i> I'm looking forward to this module. It is what kept us from switching to
81 </I>>><i> encrypted passwords.
83 </I>>><i> Here's some ideas on the abuse problem:
84 </I>>><i> * Only allow usage of the command from hosts that are in the nickname's
85 </I>>><i> accesslist
86 </I>>><i> * Send the nick!
<A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">user at host
</A> of the user that issued the command in the E-mail
87 </I>>><i> (it won't prevent abuse, but at least you'll know who's been playing around)
88 </I>>><i> * Give a notice to services operators/admins each time the command is issued
89 </I>>><i> * Limit the amount of times the command can be used successively
91 </I>>><i> Hope this helps.
94 </I>>><i> Martin
96 </I>>><i> ----- Original Message -----
97 </I>>><i> From:
"Craig McLure
" <<A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">Craig at chatspike.net
</A>>
98 </I>>><i> To:
"ircservices-coding
" <<A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">ircservices-coding at ircservices.za.net
</A>>
99 </I>>><i> Sent: Wednesday, February
04,
2004 4:
47 PM
100 </I>>><i> Subject: [IRCServices Coding] SENDPASS with encryption...
103 </I>>><i> > I've been working on a module that allows use of sendpass whilst using
104 </I>>><i> encrypted passwords (i'll contribute the source to Andy when complete for
105 </I>>><i> inclusion in services), it will work by changing the users password, and
106 </I>>><i> mailing them that.. but i cant find around other users using it miliciously
107 </I>>><i> to aggrovate others..
109 </I>>><i> > anyone got any idea on how this can be resolved? thanks :)
111 </I>>><i> > /****************************************
112 </I>>><i> > * Craig
"FrostyCoolSlug
" McLure
113 </I>>><i> > * InspIRCd -
<A HREF=
"http://www.inspircd.org">http://www.inspircd.org
</A>
114 </I>>><i> > * ChatSpike -
<A HREF=
"http://www.chatspike.net">http://www.chatspike.net
</A>
115 </I>>><i> > ****************************************/
117 </I>>><i> > ------------------------------------------------------------------
118 </I>>><i> > To unsubscribe or change your subscription options, visit:
119 </I>>><i> > <A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">http://www.ircservices.za.net/mailman/listinfo/ircservices-coding
</A>
121 </I>>><i> ------------------------------------------------------------------
122 </I>>><i> To unsubscribe or change your subscription options, visit:
123 </I>>><i> <A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">http://www.ircservices.za.net/mailman/listinfo/ircservices-coding
</A>
124 </I>><i>------------------------------------------------------------------
125 </I>><i>To unsubscribe or change your subscription options, visit:
126 </I>><i><A HREF=
"http://www.ircservices.za.net/mailman/listinfo/ircservices-coding">http://www.ircservices.za.net/mailman/listinfo/ircservices-coding
</A>
129 /******* - End Original Message - *******/
139 <LI>Previous message:
<A HREF=
"002884.html">[IRCServices Coding] SENDPASS with encryption...
141 <LI>Next message:
<A HREF=
"002886.html">[IRCServices Coding] SENDPASS with encryption...
143 <LI> <B>Messages sorted by:
</B>
144 <a href=
"date.html#2885">[ date ]
</a>
145 <a href=
"thread.html#2885">[ thread ]
</a>
146 <a href=
"subject.html#2885">[ subject ]
</a>
147 <a href=
"author.html#2885">[ author ]
</a>