Jump to content

passwords manager in users profile, safe or not safe to store multiple passwords in the same place?


alexandre
 Share

Recommended Posts

i have been thinking about a way to make it as easy as possible for the users to use the voucher code system but i have this issue where if a user own many vouchers, to avoid losing a password of a voucher without having to always use the same, since the passwords cant be recovered,  or changed to avoid scam in trades. so i was thinking about a password and code manager that would be protected by a security pin. somehow i feel like a simple security pin short enough to remember for the users would not be enough to protect their funds if their account was to be compromised for any reasons. having a password and code manager would put their funds at risk so i have put a recovery of the voucher codes in place but again this is numbers that users have to save somewhere and that is the big risk of lost funds if they lose the last thing making them able to recover their voucher. i feel like their is no real way in my control to make sure that no mistakes can be made.. if i allow them to recover passwords it will allow scams and if i store all informations they need , i put them at risk. which one is the less worst in those two that i could handle ?

Link to comment
Share on other sites

Ease of use vs security is a never ending battle.  Try to opt for the simplest solution that also works.

  • You can either
    • act as custodian (allows for you to aid a user when they forget/misplace something)
    • provide no custody, thus insuring a compromise of your system doesn't compromise user assets

You can't do both.  Not knowing enough about this system, I would question the nature of the vouchers themselves.  Does your system know the value and when something is redeemed?  You might have a customer service feature that would allow someone to make a new voucher to replace a lost one?  That mght be an alternative, but would require your system to have the necessary information and controls available to you to determine the status of a voucher, and be able to revoke/replace it.  

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.