Feature #13
password recovery tool
| Status: | Resolved | Start date: | 03/28/2012 | ||
|---|---|---|---|---|---|
| Priority: | Normal | Due date: | |||
| Assignee: | lee | % Done: | 60% | ||
| Category: | - | Spent time: | - | ||
| Target version: | Backlog | ||||
| Component: |
History
#1 Updated by n8fr8 almost 6 years ago
- Target version changed from Alpha Testbed Launch v1 to Alpha Testbed - Update 1
#2 Updated by lee almost 6 years ago
- Status changed from New to Resolved
- Assignee set to lee
- Target version changed from Alpha Testbed - Update 1 to Backlog
- % Done changed from 0 to 60
I would prefer if we, the operators act as the "password recovery tool". I think the ultimate solution to this is to allow account creation from CSip. The password isn't a very active one, and really acts as a shared secret rather than a typical "PIN" style password.
What would be ultimately sick, is a function on the client called "register handset" that generates a string in the form username:domain:password and builds an md5 sum of that. This string is sent securely to the server and a new user is provisioned. The "password" substring is then saved in the CSip database and the user never worries about it again. I borrowed this process from a little reverse engineering I did on the MagicJack.