Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

If a user signs in with Twitter, can they later 'switch' to regular account?

ZiyphrZiyphr New
edited January 2011 in Vanilla 2.0 - 2.8
It looks like they get a username automatically, and a generic email address which can be changed.

However in their account the user sees "Change My Password" but what do they enter as an old password? I tried leaving it blank but it says "old password required".

Comments

  • TimTim Vanilla Staff
    You would never change your password. The account is a 'regular' account underneath it all, but the password is a randomly generated string. It should only allow access via Twitter auth. If you really wanted to, you could use 'Forgot password' on it to get it reset and receive an email.

    Vanilla Forums COO [GitHub, Twitter, About.me]

  • Thanks Tim, that makes sense.

    With users who have randomly generated passwords (that they are unaware of) I think it would be small improvement to show them a "Get a password" link instead of the "Change My Password" option which doesn't apply to them. It's quite possible a small percentage of people may try to do this and enter their Twitter password as the old one, or something like that.
Sign In or Register to comment.