i2-Services, Inc. Forums

mryan Wrote:

i2-Services, Inc. Wrote:

Their e-mail address is used as the login & to get a forgotten password.

Isn't that a "less secure" method - as someone who already knows the e-mail address would only have to guess at the password? Instead of needing both a username and password?

But I can see how it would be easier for the members.

In this scheme, does the username (e-mail address) show up in the website logs as it does with the htaccess method?

If you're using the .htaccess default login method where it prompts you for login yes it would be recorded to the server logs.

As for "less secure". I know many financial sites, etc that use e-mail addresses as your login, with password.

Kind of the same as your username being posted all over this board for everyone to know, but guessing your password isn't the easiest thing to simply guess.

i2-Services, Inc. Wrote:

As for "less secure". I know many financial sites, etc that use e-mail addresses as your login, with password.

Of course you're right, that's how PayPal works! I forgot... Rolleyes

I suppose they could guess the password, but the system generates a random one, that the member can change. For me, its much easier than a username, so many forget their username.
The system does send an email to the username(email addy) that the person requests, so if someone allows others access to that email addy, its their fault Smile

The system shows logs with the email address in place of the username (along with an IP addy)

Pages: 1 2

i2-Services, Inc.

mryan

GWP