Feature Request: Last known good email

(Andrew Waugh) #1

There is nothing stopping a user changing their email address. We thought this to be a good thing, so we enabled it.

However… Users, being users, sometimes mistype an email address. In the grand scheme of things this is only a minor transgression. But if the user happens to do this in their preferences, then, well, it can lead to some confusion.

Since it isn’t possible to make sure that the email address which the user types is correct, would it be possible to add a table of “previous good emails” to the admin interface?

Here is a scenario:
User “meatbag” logs in and decides to change his email from Enlightened@highlyintelligent.org to Ihavethickfingers@hitwithahammer.org, but mistypes the new email as Iamthick@nowandthen.org.

So I then get an email via our helpme@ address, from Ihavethickfingers@hitwithahammer.org, who purports to be user “meatbag”, I do my usual tapdance, and trigger a forgot password email for meatbag’s account, then I write my usual polite email from helpme, stating “I have triggered a reset email for that account, it should arrive before this email, if you can’t find it please check your spam folders. If you continue to have difficulties, please contact me again at this address”.

Not long thereafter I get a new message from meatbag, who may even confess the whole sordid story. But I have no way to distinguish an honest meatbag, from a lying meatbag.

If I had a “Previous_good_email” which I could call up then I could put my pokerface on and say “Please send me a new email and name the last good email address which you used”.

It isn’t perfect, but it would help me to distinguish between honest, and lying meatbags.

(Rafael dos Santos Silva) #2

Requiring validation on email change would be better for this use case.

(Andrew Waugh) #3

Even just a message to moderators “Meatbag changed email from X to Y” would help.

(Mittineague) #4

Because email addresses are key to Discourse I agree that storing a “previous_value” would be a good idea.
Perhaps in the users or user_histories table?

A real use case example is the rare “I had to create a new account, I’m really ___”

Deciding on whether or not a member is really who they say they are is an Admin decision and AFAIK is usually a judgement call based on good faith.

Again, I don’t think problems arise because of changing an email address happen all that often (at SitePoint maybe once every year or two that I’m aware of).

I don’t think storing every email address ever used by a member would be needed. Nor do I think it needs to be in a UI anywhere. Data Explorer or CLI should be good enough as long as the information is somewhere.

(Andrew Waugh) #5

Perhaps SitePoint’s users have better eyesight, or hit their typing finger with a hammer much less often than a typical Jag-lovers user.

We’re also still in the middle of transitioning from our old site to Discourse. I had two mistyped email issues today alone.

I’m not suggesting a complete history of every email ever used, the last one which a user successfully used to log in with would be fine for me.