password recovery tool

password recovery tool

From: Chris Disspain <ceo§auda.org.au>
Date: Tue, 29 Jul 2003 09:40:49 +1000
All,
 
auDA's password recovery tool was put in place specifically to deal with
those domain names for which we are providing 'temporary' registrar
services (net.au, org.au and some com.au). 
 
Behind it sits a mechanism to recover your password in the event that
the email address in the database is incorrect. Use of that manual fax
form also has the effect of enabling the email address in the data base
to be updated. auDA provides this service for the registrants for which
it is currently a temporary registrar.
 
The service has been disabled for all other domain names for several
reasons. 
 
Firstly, auDA was concerned that email contact addresses could be
delivered for the whole of the data base through this tool. Our logs do
not show any pattern of heavy querying at all but, none the less, it is
a possibility. 
 
Secondly, some registrars had chosen to refer customers to this tool
rather than supplying one of their own or using the one supplied to
registrars by AusRegistry. 
 
Thirdly, some registrants, having been referred to the tool by their
registrar were under the impression that they could use the manual
password recovery system to get their password even though auDA was not
their registrar. This has lead to registrants experiencing frustration
and delays in password recovery.
 
What should happen is that each registrar should provide their own
password recovery tool that only delivers a result for domain names for
which they are registrar. There are a couple of ways this could work.
Either it can display the email address for the registrant to check and
then submit for an electronic delivery of password or move to manual
recovery OR it can refer the registrant to whois first to check that the
email address is correct. 
 
In the end it's a balance between a level of customer service and
security. 
 
We are still working on this issue and more changes may occur as we test
methods of creating the right balance.
 
Regards,
 
 
Chris Disspain
CEO - auDA
ceo&#167;auda.org.au
www.auda.org.au
 
 
Received on Fri Oct 03 2003 - 00:00:00 UTC

This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:07 UTC