Changing Passwords August 29, 2003 9:45 PM   Subscribe

This may sound a bit clueless, but is it possible to change our passwords? I can't seem to figure out how.
posted by stoneegg21 to MetaFilter-Related at 9:45 PM (12 comments total)

Here's a previous discussion on the matter.
posted by angry modem at 10:00 PM on August 29, 2003


Thanks. Still would be nice if there's a manual password change though.
posted by stoneegg21 at 10:07 PM on August 29, 2003


That feature really, really, needs to be added.
posted by dgaicun at 1:09 AM on August 30, 2003


i had a page mirrored for months before riffola kindly pointed out that my password was in the html. i've never heard of such a thing, on any other site, and can't think of a single reason for it, and yet, there it is, day after day, page after page.
posted by quonsar at 2:48 PM on August 30, 2003


Even worse (or not, depending), it may not be valid HTML (I don't think <table> tags are supposed to directly contain <input> tags, and yet, in mine, the parent tag of the password containing <input> is a <table>.
posted by weston at 3:06 PM on August 30, 2003


that may be a hack to get around the fact that the form tag insists on surrounding itself with extra space.
posted by quonsar at 4:02 PM on August 30, 2003


User password changing really isn't a hard thing to write...I wonder why Matt didn't implement password changing from the start.
posted by thebabelfish at 9:26 AM on August 31, 2003


I think password changing would be great but it should probably be backed up by some kind of (preferably automatic) email confirmation. Otherwise, a maliscious person on your computer could automatically log in to MetaFilter and change your password, locking you out of your account.
posted by timeistight at 10:21 AM on August 31, 2003


Can of worms, innit?
posted by inpHilltr8r at 2:59 PM on August 31, 2003


timeistight, if Matt would eliminate the plaintext-ness of passwords and instead MD5 or SHA1 them or something, then you can just make it so the user has to enter their current password to change it. That increases the security and effort required by the attacker without much trouble. And you could even add email confirmation on top of that...
posted by thebabelfish at 4:44 PM on August 31, 2003


The only password that is included in the page you view is yours, though. It is not as if you see every logged-in users password. If you use a computer that others have access to and don't log out when not viewing MeFi, then whose fault is it that your password is available to others? I am in the same position as neustile in that I use a common password for many sites, however and would like to be able to change the password.
posted by dg at 3:49 PM on September 1, 2003


The only password that is included in the page you view is yours, though. It is not as if you see every logged-in users password.

Unless you're network sniffing....

Granted, the effort necessary probably makes it not worthwhile.
posted by namespan at 9:46 AM on September 3, 2003


« Older MeFi callout for anti-semitism   |   The cutoff for comments to a MeFi thread is one... Newer »

You are not logged in, either login or create an account to post comments