I can't find any way to set or change the password on an existing email account configuration in ThunderBird. Is there a trick for this?
ThunderBird was configured to pick up email with IMAP.
On the Email server, I changed the password.
After the change, Thunderbird can not pick up email and it does not prompt for a new password. It just hangs and eventually times out.
There is no option to set the password for accessing an account
I have restarted Thunderbird many times.
I found the password manager and deleted all the stored passwords. It still does not prompt me for the password when trying to pick up mail, and there is no way to manually add a new password into the password manager.
I can't believe you are forced to re-create the account settings every time the password is changed. I can successfully do that, but there MUST be a way to just change the password, isn't there? Did the developers somehow think you would never need to change a password?
Related
When I logged into Github.com, it says:
Your password is weak and can be easily guessed. You must update your password to continue using GitHub.com.
And the page leads to resetting the password. When my email address is input, it says:
That address is not a verified primary email or is not associated with a personal user account. Organization billing emails are only for notifications
I have the username and correct password, but not the email. I'm wondering how to get the verified primary email, or can I reset the password in other ways?
You can now generate tokens for unlimited time using your old password which you can store in your local machine to access your repositories from the command line.
Absolutely love Firebase so far except it is not sending emails. Every time that I go on my console to reset one of my user's passwords, I click on the authentication tab on the left, go to one of my users, click on the right side of the user, and click on reset password. Then it sends an email to my personal email saying that the message wasn't delivered to "billybob123#email.com" and the reason is that "unsafe characters or length in username."
Now I know what the issue is here, there is no username. I have no idea how to set it. In my app, the users sign up and sign in with their email, but Firebase must not think that is their username. Also, the failure email shows the email that the server tried to send. In that email below, it shows the password reset link. Here is an example of the link below.
https://greenbananatech-jbs.firebaseapp.com/__/auth/action?mode=resetPassword&oobCode=chubW2CkIyYbJvAUviPYUevyHtr-KKYLjFRhABglpFkAAAFkGfcgkw&apiKey=AIzaSyDYrCkVfzNww2V_BuBSTfV85s2lSwW8hO4&lang=en
See what I think where the issue lies is that empty space after ".com". I think this is where the username is supposed to go. I just don't know how to set the username of the users. I have already changed the DISPLAY name of my users in my Xcode project but that doesn't do anything. Also when I click on the "faulty" link, it is in no way faulty because it works perfectly! Here is the picture of the failure email below.
Thanks so much.
Top of email
Bottom of email
I went through the same problem. I tried to configure Firebase SMTP using CPanel's outbound service, and I only received the error message. The problem is the "SMTP account username" field. Try passing the email address on it. It worked for me.
I have just implemented wso2is 5.3 and I am looking at setting up the password and username recovery options.
Wso2is is set up with our Active Directory domain as the primary user store. In AD, the 'mail' attribute holds the user's primary email address, and 'otherMailbox' contains additional, external email addresses for the user.
I would like to use the email recovery, but we can't use the primary email, since the password for that account is the password they are trying to reset. We need to have the recovery process use one of the addresses in 'otherMail'.
I can't find anywhere in the documentation where you can define any option for what email is used for the recovery process.
Is the primary email the only one supported for password recovery? How can I tell the password and username recovery process to use a different email?
Thanks
Don
The answer, it turns out, is to change the claim mapping for the email address claim in WSO2 to point to the otherMailbox attribute in AD. It properly deals with the multi-valued email address list and for the purposes of password recovery, it sends the notification to all of the listed email addresses.
We then created another claim called Campus Email and pointed it at the mail attribute in AD.
There doesn't seem to be any negative issue with having 'our' email not be the 'primary' email.
Don
I have set up a magento store of my own for my business of grocery products.
I have almost configured each and everything.
I have a mail server and can have as many email addresses as I require.
I have a theme set up for the store.
While a user tries to log in and has forgot a password, there is a link to click saying "Forgot Password".
On clicking it, it displays "An email has been sent to your account with new password details."
I know this will not send an email as I have to configure entire system.
I do not want to send a new password by email. Instead I want to send a link. On clicking this link, the user can go the it and have an option of password reset.
Please help me with this. It will be much much appreciated.
Magento's standard "Forgot Password" functionality works exactly as you've described - it sends a link to the user to reset his or her password - it doesn't just send a new password.
Magento uses Zend_Mail to send emails. By default, Zend_Mail will use PHP's mail() function (via Zend_Mail_Transport_Sendmail), which will usually send emails via sendmail or similar, depending on the PHP configuration.
If you have your own mail server that you'd prefer to use, you can configure Magento to use SMTP. This does require some code, but, luckily, there are some good extensions out there that already do this, like aschroder/Magento-SMTP-Pro-Email-Extension.
I have a website where a user can login using MVC5 Identity. (Although this question is not specific to that technology)
For a user to register with this website we must have spoken to them over the phone and an account manager must go through a registration form which sets up an "unverified" account for the user.
Following this the user is sent an email verification link, along with a generated password to login. The registration you would normally fill out pre-login is done post-login.
So I was wondering if in this scenario I can simply treat the users first login as email verification becuase the only way they get their password is from the email.
Is there any way this could be exploited and open up any security holes/allow validation without owning the email?
Edit:
Wanted to add the password is temporary (expires after a fixed period) and the user will be able to drop into a password reset form and a have a new one emailed if they don't do it in time. If the user has given us the wrong email I assume most will phone us.
I do not see this having any exploitation or holes and you are right to think this can be used as the email verification. Try it, and see how it works. Maybe after the temporary password is typed the user is prompted to type in a new password of their choosing.