You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Severity - (Medium) Weakness - Violation of Secure Design Principles
Description
User is able to navigate to account settings and change email to any email in a proper email format (i.e. xxxx@xxx.xxx). After clicking 'Save' and submitting the form, this email is now saved as their account email. Subsequently, there is no additional email verification needed unlike when a User signs up. This introduces a potential risk to the user in that they may be locked out of their account with no way to reset their password if the 'new' email is entered incorrectly. Based on the current design the 'updateUser' fuction called on submit here: https://github.com/tidepool-org/blip/blob/develop/app/redux/actions/async.js does not consist of any verification for any updates. At minimum, there should be a verification step when changing email
Steps To Reproduce:-
Create a valid account
Login to this account
Navigate to 'Account Settings' by hitting top right button
Change email to any validly formatted email
Click 'Save' to submit
Logout
Try to log in - only the new 'unverified' email will work
Example
Original email - gmail.com used
Saved email that is a 'typo' - gmail.cb is not a valid email host
Logging in with original email does not work
Logging in with this 'typo' email does - with no verification step
The text was updated successfully, but these errors were encountered:
Severity - (Medium)
Weakness - Violation of Secure Design Principles
Description
User is able to navigate to account settings and change email to any email in a proper email format (i.e. xxxx@xxx.xxx). After clicking 'Save' and submitting the form, this email is now saved as their account email. Subsequently, there is no additional email verification needed unlike when a User signs up. This introduces a potential risk to the user in that they may be locked out of their account with no way to reset their password if the 'new' email is entered incorrectly. Based on the current design the 'updateUser' fuction called on submit here: https://github.com/tidepool-org/blip/blob/develop/app/redux/actions/async.js does not consist of any verification for any updates. At minimum, there should be a verification step when changing email
Steps To Reproduce:-
Example
Original email - gmail.com used
Saved email that is a 'typo' - gmail.cb is not a valid email host
Logging in with original email does not work
Logging in with this 'typo' email does - with no verification step
The text was updated successfully, but these errors were encountered: