FS#54 : Lack of Verification Email

Status Closed
Assigned To

cbay
Private

Attached to Project: Security vulnerabilities
Opened by sanjoy804 - 05.06.2024
Last edited by cbay - 06.06.2024

FS#54 - Lack of Verification Email

### Summary
The website does not verify email addresses during the account creation process, which can lead to various security issues such as spam, abuse, and account recovery problems.

### Steps to Reproduce
1. Go to the account creation page.https://www.alwaysdata.com/en/register/ 2. Enter any email address and complete the registration process.
3. Notice that no email verification step is required.

### Impact
- Spam and Abuse: Unverified accounts can be used to flood the system with spam or perform malicious activities.
- User Impersonation: An attacker can use someone else's email address, leading to possible impersonation issues.
- Account Recovery Problems: Users might face difficulties in recovering their accounts if email addresses are not verified.

### Recommendation
Implement email verification as a mandatory step in the account creation process to ensure that the email addresses are valid and belong to the users registering them.

Closed by cbay
06.06.2024 06:09
Reason for closing: Duplicate
Additional comments about closing:

Duplicate of task #53

Comments (0)
Related Tasks (0/0)

	Tasks related to this task (0)

Loading...

Keyboard shortcuts

Available keyboard shortcuts

Alt + ⇧ Shift + l Login Dialog / Logout
Alt + ⇧ Shift + a Add new task
Alt + ⇧ Shift + m My searches
Alt + ⇧ Shift + t focus taskid search

Tasklist

o open selected task
j move cursor down
k move cursor up

Task Details

n Next task
p Previous task
Alt + ⇧ Shift + e ↵ Enter Edit this task
Alt + ⇧ Shift + w watch task
Alt + ⇧ Shift + y Close Task

Task Editing

Alt + ⇧ Shift + s save task