Allow users to change their account email address #2527
Comments
|
@ryanfeeley post the mockups here when you get a chance. |
|
@zaach - Can you explain more about the need for this feature? Which password is being forgot in this scenario, the email provider password? |
|
Also, we have to ensure reliers do not depend on the user's email address as the unique identifier, or else the user's relier account will be inaccessible. |
|
Finally, how will this interact with a user who has a Sync session? Any session for that matter, will changing an email address invalidate all outstanding session tokens? |
|
Hi Shane: email addresses are not permanent for all users, therefore we should allow users to change their email. If we don't there will be a small portion of forgetful users who will be unable to log in. |
|
Next steps are to break down the work for this with a github checklist. |
|
@eoger, I believe we're using the WIP label for work-in-progress PRs. When you're ready to start this self-assign, and move into waffle:in progress. |
|
@ckarlof @eoger @shane-tomlinson @zaach I am starting to think that we should first require that users verify their original email address as part of the process. Would be more secure for people who still control over their original email, but the downside is that for users who lost control over their original email address, they would not be able to regain control. |
|
I think that's an easy one; most people will still control their email account, and for those people who have lost control of what is probably a principal email account, they've probably got bigger problems than losing access to Sync data. |
|
This is FxA-28 on Aha, closing here. |
Users should be able to change their account email address to prevent them from getting locked out if they forget their password and lose access to their old email account.
This depends on: mozilla/fxa-auth-server#489
@ryanfeeley has the UX for this.
/cc @eoger
The text was updated successfully, but these errors were encountered: