vern
/
wiki
3
4
Fork 4
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs(pubnix): Document account recovery process #3

New Issue
Closed
opened 2023-06-12 16:58:48 +00:00 by ajhalili2006 · 4 comments
ajhalili2006 commented 2023-06-12 16:58:48 +00:00
Contributor
Copy Link

About this issue

The description is a bit of a draft, but I'll working on it.

Especially on cases that they locked out of their pubnix (or even their accounts on services hosted here) and admins need a documented way of verifying their identity without going through passing their IDs throughout Stripe Identity and meeting humans in real life.

Suggested account recovery methods

  • If they use PGP, ask them to sign either a challenge generated by ~vern's staff (via openssl) OR send a recovery request over email with GPG signature/encryption.
  • TODO: Add other options here.

Prior art

## About this issue > The description is a bit of a draft, but I'll working on it. Especially on cases that they locked out of their pubnix (or even their accounts on services hosted here) and admins need a documented way of verifying their identity without going through passing their IDs throughout [Stripe Identity](https://stripe.com/identity) and meeting humans in real life. ### Suggested account recovery methods * If they use PGP, ask them to sign either a challenge generated by ~vern's staff (via `openssl`) OR send a recovery request over email with GPG signature/encryption. * TODO: Add other options here. ## Prior art * https://sourcehut.org/blog/2020-03-04-when-you-lose-2fa/
Ghost commented 2023-06-14 17:53:51 +00:00
Copy Link

I've talked to cobra about this, she is onboard. And we will probably let users submit their PGP public keys to a file like ~/.key in their pubnix account. But cobra is busy right now, she will implement it later.

We could let the users recover their accounts via an online form on the ~vern website (similar to how we do user registration currently), in fact, if we outsource it to a script then that'd be quite nice. (No one wants to manually reset passwords for a user on all their accounts)

TL;DR; We're planning this, it will be implemented someday.

I've talked to cobra about this, she is onboard. And we will probably let users submit their PGP public keys to a file like `~/.key` in their pubnix account. But cobra is busy right now, she will implement it later. We could let the users recover their accounts via an online form on the ~vern website (similar to how we do user registration currently), in fact, if we outsource it to a script then that'd be quite nice. (No one wants to manually reset passwords for a user on all their accounts) TL;DR; We're planning this, it will be implemented someday.
ajhalili2006 commented 2023-06-17 15:21:06 +00:00
Author
Contributor
Copy Link

I'm also thinking about doing committed identity similiar to how both Wikimedia and Miraheze accounts can be also recovered (context: https://en.wikipedia.org/wiki/Template:Committed_identity) through one-way hashing.

I'm also thinking about doing committed identity similiar to how both Wikimedia and Miraheze accounts can be also recovered (context: https://en.wikipedia.org/wiki/Template:Committed_identity) through one-way hashing.
Ghost commented 2023-06-25 06:29:40 +00:00
Copy Link

This is quite cool, but we will do the account recovery stuff first.

This is quite cool, but we will do the account recovery stuff first.
vitorg commented 2023-12-02 05:32:28 +00:00
Owner
Copy Link

this issue is closed; we already documented it at https://wiki.vern.cc/en/recovery/ and you can access the recovery form in https://vern.cc/en/recovery

this issue is closed; we already documented it at https://wiki.vern.cc/en/recovery/ and you can access the recovery form in https://vern.cc/en/recovery
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
3 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: vern/wiki#3
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?