[wp-forums] angelin.deboral lost the email to her old user ID
Kathryn Presner
zoonini at gmail.com
Thu Sep 8 16:21:34 UTC 2011
The email attached to their new ID links to this FB profile so it does
seem like the same person:
Angelin Nadar
PHP Developer at Magnet Technologies
https://www.facebook.com/#!/angelin.nadar
kp
On Thu, Sep 8, 2011 at 12:16 PM, Kathryn Presner <zoonini at gmail.com> wrote:
> Funny that they didn't mention they were a plug-in author, huh? Any
> way they can prove that? Might be a way to ID them.
>
> kp
>
> On Thu, Sep 8, 2011 at 12:03 PM, Michael Atkins
> <michael at cubecolour.co.uk> wrote:
>> That account is listed as author of a couple of plugins:
>> http://profiles.wordpress.org/users/angelin.nadar/
>>
>> Smart Reporter for WP e-Commerce (847 downloads)
>> & Smart Manager for WP e-Commerce 15,999 downloads
>>
>> If it isn't the same person, and is actually someone with malicious intent, the plugins are most likely the target. Who knows what dodgy business could be added into peoples ecommerce sites.
>>
>> Michael
>> @cubecolour
>> michael at cubecolour.co.uk
>>
>>
>>
>>
>> On 8 Sep 2011, at 16:47, ipstenu at ipstenu.org wrote:
>>
>>> Her latest post: http://wordpress.org/support/topic/i-want-the-emailid-associated-with-account-as-i-have-forgot
>>>
>>> Backstory.
>>>
>>> She had an id (angelin.nadar - http://wordpress.org/support/profile/angelinnadar/ ) with NO posts, and she lost the password. No big, except she also forgot which email address it was. Furthermore, the email address no longer exists (per yahoo, I emailed it directly).
>>>
>>> So now we have a case where she says "I am this user name, but I can't prove it in any way shape or form, because I don't remember the password or the email. But can you reset the password for me anyway?"
>>>
>>> And I said "No, that's what we call 'social engineering.' Tough titties, move on." (I said it nicer!)
>>>
>>> Do I think it's her? Probably yes, but with no posts to the name, I can't even spot-check the IP to be certain, and the security mole in my heart screams in abject hate at the idea of just handing over an ID, when I don't know what else it may effect. I highly doubt there's any risk in this particular situatino, but I'm not personally comfortable opening the door. Especially since (1) no posts exists for the old account, (2) she has one (unanswered) topic with the new one and (3) merging accounts involves buying Otto a home brewery set at this rate.
>>>
>>> Am I being too knee-jerky paranoid about security? (I swear, Nacin, I took the tin foil out of my hat today!)
>>> _______________________________________________
>>> wp-forums mailing list
>>> wp-forums at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-forums
>>
>> _______________________________________________
>> wp-forums mailing list
>> wp-forums at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-forums
>>
>
More information about the wp-forums
mailing list