Wed, 23 Nov 2022 04:11:36 +0000

Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
 
Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
Wed, 23 Nov 2022 04:11:36 +0000 linkquote
Ever since I revamped the password reset mechanism here on Modern Vespa, I have been surprised (and maybe a little bit alarmed) at how often it is actually used. I added logging to the feature while I was re-writing it, as much to help me debug and diagnose any lingering issues as anything. What I thought was a rarely-used feature turns out to be... well, not so rare.

So, if you don't mind, tell me about your experience changing your MV password, any time in the last year or so. What parts worked well, what didn't work very well, and what led to the need to reset it.

I'm genuinely interested.
Wed, 23 Nov 2022 11:01:31 +0000

Foiled
Joined: Fri, 06 Jul 2007 23:34:38 +0000
Posts: 1261
Location: Weaverville, NC
 
Foiled
Joined: Fri, 06 Jul 2007 23:34:38 +0000
Posts: 1261
Location: Weaverville, NC
Wed, 23 Nov 2022 11:01:31 +0000 linkquote
For 'fun', I just reset mine. I used the forgot my password feature and it worked perfectly. My phone remembers my passwords as I'm old and forget things. But mostly I like monster cookies.
Wed, 23 Nov 2022 14:58:42 +0000

Veni, Vidi, Posti
2006 GTS 250
Joined: Tue, 22 Feb 2011 00:24:46 +0000
Posts: 10036
Location: KS USA
 
Veni, Vidi, Posti
2006 GTS 250
Joined: Tue, 22 Feb 2011 00:24:46 +0000
Posts: 10036
Location: KS USA
Wed, 23 Nov 2022 14:58:42 +0000 linkquote
What I have to say you probably already know. I lost my phone and with it access to the email that was stored on MV database. I was stuck. I guess it's just a security feature. But I was pretty much unable to reset my password because MV would send a token to the email that I no longer had access to.

It was all resolved when I remembered that I had an old tablet with the remember password installed on it. But I could not pair the tablet to my new phone. So I went to a hotspot with the old tablet and voila the remember password was my lifesaver.
Wed, 23 Nov 2022 15:29:24 +0000

Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
 
Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
Wed, 23 Nov 2022 15:29:24 +0000 linkquote
Max6200 wrote:
What I have to say you probably already know. I lost my phone and with it access to the email that was stored on MV database. I was stuck. I guess it's just a security feature. But I was pretty much unable to reset my password because MV would send a token to the email that I no longer had access to.

It was all resolved when I remembered that I had an old tablet with the remember password installed on it. But I could not pair the tablet to my new phone. So I went to a hotspot with the old tablet and voila the remember password was my lifesaver.
I think the takeaway from this is that an email address is very much a lifeline to a whole range of services, not just MV. Out of all the passwords that we use on a regular basis, the sign-in details for our email accounts are probably the most important. Nearly everything can be reset by proving that you own the email account.

If you haven't already, you should probably set your MV email to an address that you know you won't lose access to. If this means writing down the password for the email account and putting it in a safe place, so be it.

This might also be a good time to mention my current favorite non-gmail email provider. It's a paid service, and works a bit differently than most email platforms, but it has become my main email account.

It's called Hey, and it has changed my very long and painful relationship with email for the better. You can use it for free during a trial period to see how you like it.
Wed, 23 Nov 2022 15:51:55 +0000

Member
2021 GTS 300 75th
Joined: Thu, 14 Apr 2022 13:14:35 +0000
Posts: 22
Location: Florida, USA
 
Member
2021 GTS 300 75th
Joined: Thu, 14 Apr 2022 13:14:35 +0000
Posts: 22
Location: Florida, USA
Wed, 23 Nov 2022 15:51:55 +0000 linkquote
Resetting mine just now worked like a charm. It only took around 10 seconds to get the reset email from you.

Reason: I am a retired computer geek and change 179 passwords every few months. This post just happened to remind me it's about time.
Wed, 23 Nov 2022 16:30:46 +0000

Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
 
Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
Wed, 23 Nov 2022 16:30:46 +0000 linkquote
gnees wrote:
Resetting mine just now worked like a charm. It only took around 10 seconds to get the reset email from you.
Should have been faster The current code will react to a password reset in under a second, including sending the email. Unless you catch it near the 10 minute mark, when the daemon briefly re-launches itself.
gnees wrote:
Reason: I am a retired computer geek and change 179 passwords every few months. This post just happened to remind me it's about time.
I'm also a retired computer geek, and I can say with some confidence that your Modern Vespa password probably doesn't need to be on the highly-secure list. Worst case scenario, someone impersonates you here.
Wed, 23 Nov 2022 16:42:03 +0000

Member
1952 allstate, 1958 allstate, 2009 S150
Joined: Thu, 27 Oct 2022 13:02:48 +0000
Posts: 15
Location: CT
 
Member
1952 allstate, 1958 allstate, 2009 S150
Joined: Thu, 27 Oct 2022 13:02:48 +0000
Posts: 15
Location: CT
Wed, 23 Nov 2022 16:42:03 +0000 linkquote
I lost my old email address and never updated it soon I can't get into my old account. Tried to email an admin a few years back. So that part was unfortunate.
Wed, 23 Nov 2022 17:36:15 +0000

Member
2021 GTS 300 75th
Joined: Thu, 14 Apr 2022 13:14:35 +0000
Posts: 22
Location: Florida, USA
 
Member
2021 GTS 300 75th
Joined: Thu, 14 Apr 2022 13:14:35 +0000
Posts: 22
Location: Florida, USA
Wed, 23 Nov 2022 17:36:15 +0000 linkquote
jess wrote:
Worst case scenario, someone impersonates you here.
No worries about that. Just look at my profile pic. Who would even want to be me. Lurker since 07, and still just sitting here quietly.
Wed, 23 Nov 2022 19:22:14 +0000

Molto Verboso
Vespa ET3 & Vespa PX150 & Vespa GTS 300
Joined: Sun, 05 Apr 2009 10:56:36 +0000
Posts: 1672
Location: Berlin
 
Molto Verboso
Vespa ET3 & Vespa PX150 & Vespa GTS 300
Joined: Sun, 05 Apr 2009 10:56:36 +0000
Posts: 1672
Location: Berlin
Wed, 23 Nov 2022 19:22:14 +0000 linkquote
I realized the other day that all of my 50 or so e-mail addresses ultimately are run by the same company, including those with my personal mail domain.
So to avert an apocalypse, I added yet another adress to the zoo. Mailbox.org ticked a lot of my boxes. Then I moved my amazon login to the new e-mail address. Maybe I should do the same with my MV login.
Hey looks interesting, but I've never really had a problem with e-mail as it is.
Wed, 23 Nov 2022 19:34:41 +0000

Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
 
Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
Wed, 23 Nov 2022 19:34:41 +0000 linkquote
Der Blechfahrer wrote:
I realized the other day that all of my 50 or so e-mail addresses ultimately are run by the same company, including those with my personal mail domain.
I had a similar realization recently, but with respect to my AppleID and my main email address being reciprocally tied to each other. It seemed like a recipe for a catch-22 problem, so I decided to move to a non-iCloud email address.
Der Blechfahrer wrote:
Hey looks interesting, but I've never really had a problem with e-mail as it is.
Email has, at various times in my life, become a full-time occupation. My relationship with email goes back a long, long way, well before the dawn of the World Wide Web. At some point, I realized that all the time I spent on email could be better spent on something else, and so I started to look for a different solution. Hey.com has about the right balance for me. YMMV.
Thu, 24 Nov 2022 01:46:57 +0000

Member
2022 Piaggio Liberty
Joined: Wed, 23 Nov 2022 19:45:49 +0000
Posts: 17
Location: Texarkana
 
Member
2022 Piaggio Liberty
Joined: Wed, 23 Nov 2022 19:45:49 +0000
Posts: 17
Location: Texarkana
Thu, 24 Nov 2022 01:46:57 +0000 linkquote
Probably works well, but my reset got sent to an email I no longer have access to. Would be nice to have a security question option to reset if possible?

Note: talking about a different, much older account I used to have (Ape)
Thu, 24 Nov 2022 02:02:00 +0000

Moderaptor
The Hornet (GT200, aka Love Bug) and 'Dimples' - a GTS 300
Joined: Sun, 26 Aug 2007 20:16:15 +0000
Posts: 41692
Location: Pleasant Hill, CA
 
Moderaptor
The Hornet (GT200, aka Love Bug) and 'Dimples' - a GTS 300
Joined: Sun, 26 Aug 2007 20:16:15 +0000
Posts: 41692
Location: Pleasant Hill, CA
Thu, 24 Nov 2022 02:02:00 +0000 linkquote
Mr.Moose wrote:
Probably works well, but my reset got sent to an email I no longer have access to. Would be nice to have a security question option to reset if possible?
Perhaps a code sent to a mobile phone? People tend to hang on to phone numbers even when they change carriers.

Also, I note that it's so cheap these days to purchase own's own domain - one can then have all email to it forwarded to whatever current ISP's email provision is (or gmail or whatever) and it'll stay the same address (or multiple addresses) for as long as you have that domain. I'm surprised so few people do this, or even know it can be done. You're no longer beholden to an ISP for email provision, which for some people means they feel stuck with a poor provider, much like people not leaving a bad employer just because of health insurance...
Thu, 24 Nov 2022 02:59:30 +0000

Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
 
Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
Thu, 24 Nov 2022 02:59:30 +0000 linkquote
jimc wrote:
Perhaps a code sent to a mobile phone? People tend to hang on to phone numbers even when they change carriers.
That's probably more viable than security questions (which are largely out of fashion these days). It still wouldn't have helped Max, though, who lost his phone. There's also the small problem of mobile vs. non-mobile phone numbers, and the ability to receive text messages. Personally, I'm wary of any website that asks for my phone number, but maybe I'm just paranoid.
jimc wrote:
Also, I note that it's so cheap these days to purchase own's own domain - one can then have all email to it forwarded to whatever current ISP's email provision is (or gmail or whatever) and it'll stay the same address (or multiple addresses) for as long as you have that domain. I'm surprised so few people do this, or even know it can be done.
Agreed that's a reasonable approach. The obstacle is probably just navigating domain registrars and the arcanery of domain settings.

You can also have iCloud handle email for your own domain name, too -- for those that have iCloud accounts, anyway. (I haven't actually tried this myself yet, but am interested in experimenting with it).
Thu, 24 Nov 2022 06:50:05 +0000

Molto Verboso
Vespa ET3 & Vespa PX150 & Vespa GTS 300
Joined: Sun, 05 Apr 2009 10:56:36 +0000
Posts: 1672
Location: Berlin
 
Molto Verboso
Vespa ET3 & Vespa PX150 & Vespa GTS 300
Joined: Sun, 05 Apr 2009 10:56:36 +0000
Posts: 1672
Location: Berlin
Thu, 24 Nov 2022 06:50:05 +0000 linkquote
Graylisting can be annoying when you use your own mail domain. In fact, my mails to you, Jim, regularly bounce because I don't have a website associated with my domain (any longer).
Thu, 24 Nov 2022 07:35:48 +0000

saggezza di scala
2009 'Burma Shave' Red GTS 250ie
Joined: Sat, 13 Mar 2010 17:13:49 +0000
Posts: 7007
Location: Israel
 
saggezza di scala
2009 'Burma Shave' Red GTS 250ie
Joined: Sat, 13 Mar 2010 17:13:49 +0000
Posts: 7007
Location: Israel
Thu, 24 Nov 2022 07:35:48 +0000 linkquote
Unlike most instances of my resetting my password, on MV the reason wasn't because I forgot mine. Rather, it was because I was notified by an outside security source I subscribe to that this site had been compromised (several years ago), and with it my password had been compromised.

The actual act of resetting the password was smooth and painless.
Thu, 24 Nov 2022 14:30:42 +0000

Veni, Vidi, Posti
2006 GTS 250
Joined: Tue, 22 Feb 2011 00:24:46 +0000
Posts: 10036
Location: KS USA
 
Veni, Vidi, Posti
2006 GTS 250
Joined: Tue, 22 Feb 2011 00:24:46 +0000
Posts: 10036
Location: KS USA
Thu, 24 Nov 2022 14:30:42 +0000 linkquote
Slowpoke wrote:
I lost my old email address and never updated it soon I can't get into my old account. Tried to email an admin a few years back. So that part was unfortunate.
That's doable as a last resort. I did it once and it worked. But we tend to forget that the moderators have lives as well. And apparently they were all busy following Dave's head gaskets thread.
Thu, 24 Nov 2022 14:35:03 +0000

Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
 
Petty Tyrant
0:7 And counting
Joined: Wed, 12 Oct 2005 05:12:11 +0000
Posts: 33207
Location: Bay Area, California
Thu, 24 Nov 2022 14:35:03 +0000 linkquote
Treppenwitz wrote:
Rather, it was because I was notified by an outside security source I subscribe to that this site had been compromised (several years ago), and with it my password had been compromised.
News to me.

That said, I've been notified by iOS that various passwords on various services have been compromised. It's rarely the case (as in, almost never) that the site where I used the password was actually compromised. The far more common case is that a password I used happens to match a password that showed up in a dump of compromised passwords, disconnected from any user ID I might actually have been using.

On the other hand, if the outside security source said specifically that modernvespa.com had been compromised, I'd appreciate hearing about it.
Thu, 24 Nov 2022 16:11:38 +0000

Moderaptor
The Hornet (GT200, aka Love Bug) and 'Dimples' - a GTS 300
Joined: Sun, 26 Aug 2007 20:16:15 +0000
Posts: 41692
Location: Pleasant Hill, CA
 
Moderaptor
The Hornet (GT200, aka Love Bug) and 'Dimples' - a GTS 300
Joined: Sun, 26 Aug 2007 20:16:15 +0000
Posts: 41692
Location: Pleasant Hill, CA
Thu, 24 Nov 2022 16:11:38 +0000 linkquote
Der Blechfahrer wrote:
Graylisting can be annoying when you use your own mail domain. In fact, my mails to you, Jim, regularly bounce because I don't have a website associated with my domain (any longer).
Just for no website? That's unreasonable.

Email to all my domains should get through to me - no blocks in place. However, I forward all email to the crowth.org.uk domain though a gmail account (for surprisingly efficient spam filtering) and back again to postmaster@ - maybe gmail are bouncing some. If it happens again, I'd like to see the bounce details.
Sun, 27 Nov 2022 06:46:05 +0000

saggezza di scala
2009 'Burma Shave' Red GTS 250ie
Joined: Sat, 13 Mar 2010 17:13:49 +0000
Posts: 7007
Location: Israel
 
saggezza di scala
2009 'Burma Shave' Red GTS 250ie
Joined: Sat, 13 Mar 2010 17:13:49 +0000
Posts: 7007
Location: Israel
Sun, 27 Nov 2022 06:46:05 +0000 linkquote
jess wrote:
News to me.

That said, I've been notified by iOS that various passwords on various services have been compromised. It's rarely the case (as in, almost never) that the site where I used the password was actually compromised. The far more common case is that a password I used happens to match a password that showed up in a dump of compromised passwords, disconnected from any user ID I might actually have been using.

On the other hand, if the outside security source said specifically that modernvespa.com had been compromised, I'd appreciate hearing about it.
I had a feeling, but it seemed a small bother to just change the password there rather than get you or the moderators involved in a Q&A session.
   

All Content Copyright 2005-2022 by Modern Vespa. All Rights Reserved.

Modern Vespa is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.

Shop on Amazon Smile with Modern Vespa

[ Time: 0.0233s ][ Queries: 4 (0.0020s) ][ Debug on ][ 240 ][ Thing Two ]