Our "enfeedia" Feed
08 Dec 2014 16:24
New SECURITY KEY now implemented, and the modified new password request process
FeedBack ( 0) Please read the following important changes to Enfeedia that provide an improved level of security and a more convenient process for requesting a new password should you forget your current one.
In recognition of the relative easy that one can determine an Enfeedia member's account "Name" that also functions as a traditional userID, we thought it a good idea to add another level of security. This seems especially useful for requesting a new password because, at the time you are wanting a new password, you apparently do not remember your current one, so of course we can't ask that you enter your password to request a new one. We made the Security Key optional, but recommend that you use it.
Your existing account as of the beginning of December 2014 does not have a Security Key. It's up to you to create one if you wish. To do so, log in, navigate to your account through the "Publish Items" menu item. You fill find the capability to set a Security Key under the first of those four account category items. You would return to that place to remove the Security Key or to edit it later on, if you wish.
Once you set up your Security Key, you will need to use it to log into your account, in addition to entering your password, and you will need to enter it when requesting a new password. The Security Key can be up to 12 alpha-numeric characters. We suggest you don't need to go to the extremes that you do to create a great password, nor change it very often at all versus what you should doing for your password, because now, the combination of userID (account Name), password, and Security Key are all required for logging in and getting a new password. For example, perhaps your mother's birthday -- who would forget that. Or any other convenient personal tidbit.
The combination of our recently introduced more robust encryption algorithm for passwords and the Security Key raises the security of your account to an extremely high level. If you do not choose to specify a Security Key, operation of the site is unchanged with respect to logging in and fetching a new password.
MODIFIED PASSWORD REQUEST PROCESS
While implementing this feature, we also modified how fetching a new password is done. Previously, each time you requested a new password, your current one and the password issued for previous requests were immediately invalidated. In other words, the only valid password would be the one being issued for the most recent request. With the change, the website issues the same temporary password with each request (invalidating of course your password prior to requesting a new one) so that if you do not receive or find the email with you new password for any reason, any one of the emails issued from your requests will contain a valid password. If, after three requests, you still have not received your password, your fourth request will trigger an email to Enfeedia Technical Support. We will contact you to make sure you successfully get a new password. You should allow up to about 72 hours, though, if it becomes necessary for a tech support representative to personally provide that help, so as always, we highly recommend you securely record your password.