Search the Community
Showing results for tags 'email'.
Found 2 results
A recent data breach has been exposed which is being labeled as "Collection #1" and holds 772,904,991 unique emails with 21,222,975 unique passwords. I was browsing the possible sites that had been leaked within this collection and near the lower portion of the list was Verpets. I highly recommend anyone that has an account on Verpets on or prior to March 25th, 2018 to change their email, password, and any password/email combo related to your Verpets login information right away. If you would like to see if your information was compromised elsewhere; https://haveibeenpwned.com For more information on this breach and how attackers can utilize your information as well as tips on how to protect your information: The 773 Million Record "Collection #1" Data Breach Edit: Martyn advised me to post this here.
What do you find is the most secure way to handle a user's change of email? I was thinking about this for a while and I just wondered how others are handling it. Method 1: User changes email address, re-enters their password. Done. Verification is sent to the new address. Method 2: User changes email address, re-enters their password. Verification is sent to the new address and old address; "Your password has recently been changed. If this was not you, click here to revert to your old password." Method 3: User changes email address, re-enters their password, a verification code is sent to the new email address and the user must confirm within X days/hours. User can also cancel the request if they entered it incorrectly. Anyway, how are you handling/ planning to handle change of email?