Hi all!
Just have changed my email and found a possible security problem (more than security, logic problem) in the way it is done now.
When you change your email, you need to enter your password and then the new email address. A confirmation email is sent to that address.
Now suppose a bad guy that has got your password (because it is weak, how many of you have 1234 or similar as password?, or got from other leaked service, etc). Then he changes your email to his own email, the confirmation is sent to the new email but not to the old one.
The right thing would be send the confirmation link to both emails and only change the password when both emails confirm that.
What do you thing about this?
Just have changed my email and found a possible security problem (more than security, logic problem) in the way it is done now.
When you change your email, you need to enter your password and then the new email address. A confirmation email is sent to that address.
Now suppose a bad guy that has got your password (because it is weak, how many of you have 1234 or similar as password?, or got from other leaked service, etc). Then he changes your email to his own email, the confirmation is sent to the new email but not to the old one.
The right thing would be send the confirmation link to both emails and only change the password when both emails confirm that.
What do you thing about this?