this post was submitted on 15 Jun 2023
14 points (100.0% liked)
Lemmy Moderation Tools
10 readers
1 users here now
Welcome
I'm working on a moderation tool to work with Lemmy.
I'm still in early development and discovery. This channel will update the status and respond to questions during development, testing, release, and post-release.
You are encouraged to create posts defining your needs. I also appreciate feedback on status updates. This helps me maintain the right track.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
In my opinion "change password" is an outdated way of doing things.
"Send password reset email" would be the correct way.
Emails are optional on some instances. Having both options would be nice. On the other hand, allowing admins to change their users' passwords makes it easier for them to impersonate their users, though that just may be something we accept.
Yeah, the issue is people without email but also people with the wrong email. I've caught quite a few typos from our email server not being able to send their approval because the email had a typo. I did send them manually and tell them the error they made.
So, I guess we could just change email but I don't see quite the difference in terms of abuse with regards to change password if I could simply change someone's email and get it anyways.
People providing a broken email also make the approval hang. it works approving them, but the admin gui hangs with a spinning icon until you do a full page refresh.
I understand that emails are optional.
However, if a user wants to recover their account, then they should provide an email (even just a burner).
It's not much, but it would add an extra safe-guard against admin abuse.
Mod logs could show "mod changed email for user x" without any PII. Which would add some insight into potential admin abuse if this happened excessively or if a user complained about it happening to them.
I imagine any admin with postgres skills could delete/suppress the modlog entry tho.
Personally, I wouldn't trust any website if I contacted them with an "I've locked myself out" request, and they replied with a new password.
TL;dr: Regardless, I don't actually have any skin in the mod/admin game.
I can understand that it seems useful.
I am still of the opinion that it is an outdated way to do account recovery.
No way to validate it is actually the user if they're locked out. Your info exists on their server, so they can change your password or email trivially. Anyone could disable/enable these kinds of tools that automatically notify, ultimately you shouldn't sign up for an instance you don't trust.