Prevent People From Losing Control of Their Profiles

Written by on March 1, 2010

We hear about it all the time: people’s social profiles are taken over by hackers. It is fairly simple to do. Find a way to get people’s username and password, log in, change their login credentials, and voila. The attacker now has complete control over people’s profiles, and there is nothing they can do about it.

Just a few days ago, the musician Jason Mraz’s Twitter account was taken over, and because the attacker changed his password, he could not do anything to stop them - apart from trying to contact Twitter and persuade them that this really was his account, and that someone else was in control of it.

As he wrote (on Facebook): “**IMPORTANT** someone has hacked into Jason’s twitter account. Don’t believe anything that is tweeted until we have access back into the account!”

Then today, United Airlines lost their Twitter account.

But here is the thing: it is amazingly simple for app developers to prevent this sort of thing. That is, you cannot prevent people from losing their username and password, but you can prevent them from also losing control of their profile when that happens.

Here is what you do:

When anyone tries to change the username, password or email address, send an email to the existing email address with the following message.

This way, it would be impossible for an attacker to take over your account, because you would always be able to change it back. Even if an attacker changed your password, email or username, it could all be reversed simply by following the link. And because this link would always be sent to the email address on file before it was changed, you would always be in control.

It is really that simple - one email, with an “undo” link.
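An added example (not code from the original post) of the undo mechanism described above, in Python: a constructed in-memory AccountService that snapshots the full pre-change state, mails a single-use link to the address on file before the change, and voids every later link once an earlier one is used, so a link mailed to an attacker-controlled address after they swapped the email cannot be replayed. The class and function names, the one-week validity window and the `outbox` stand-in for a mail sender are assumptions.

```python
import secrets
import time
from urllib.parse import parse_qs, urlsplit

UNDO_TTL = 7 * 24 * 3600  # assumption: an undo link stays valid for one week

class AccountService:
    def __init__(self):
        self.accounts = {}      # account_id -> {"username", "email", "password_hash"}
        self.undo_records = {}  # token -> {"account_id", "snapshot", "expires", "seq", "used"}
        self.outbox = []        # (recipient, link): stand-in for the mail sender
        self._seq = 0

    def change_credentials(self, account_id, now=None, **changes):
        """Apply a username/email/password change and return the undo link that was mailed."""
        acct = self.accounts[account_id]
        old_email = acct["email"]   # read before the change lands: this is who gets the link
        snapshot = dict(acct)       # full pre-change state, so one click reverts everything
        acct.update(changes)
        token = secrets.token_urlsafe(32)  # 256-bit random id, stored only server-side
        self._seq += 1
        self.undo_records[token] = {"account_id": account_id, "snapshot": snapshot,
                                    "expires": int(time.time() if now is None else now) + UNDO_TTL,
                                    "seq": self._seq, "used": False}
        link = f"https://app.example/undo?t={token}"
        self.outbox.append((old_email, link))  # an attacker who swapped the email never sees this
        return link

    def undo(self, link, now=None):
        """Restore the pre-change snapshot if the link is known, unused and unexpired."""
        token = parse_qs(urlsplit(link).query).get("t", [""])[0]
        rec = self.undo_records.get(token)
        if rec is None or rec["used"] or int(time.time() if now is None else now) > rec["expires"]:
            return False
        self.accounts[rec["account_id"]].update(rec["snapshot"])
        # Links issued from this change onward may have been mailed to an address the
        # attacker controls (once they changed the email), so void them as well.
        for r in self.undo_records.values():
            if r["account_id"] == rec["account_id"] and r["seq"] >= rec["seq"]:
                r["used"] = True
        return True

def takeover_and_recover():
    """Scenario from the post: attacker changes the password, then the email, then the password again."""
    svc = AccountService()
    svc.accounts["u1"] = {"username": "jason", "email": "owner@example.com", "password_hash": "h0"}
    first_link = svc.change_credentials("u1", password_hash="h-attacker")  # mailed to owner@
    svc.change_credentials("u1", email="attacker@example.net")              # mailed to owner@
    svc.change_credentials("u1", password_hash="h-attacker2")               # mailed to attacker@
    recovered = svc.undo(first_link)  # owner clicks the first link: everything reverts
    return svc, recovered
```

A real deployment would persist `undo_records` and hash the stored token the same way a password reset token is stored; the in-memory dictionary here only keeps the example self-contained.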

...something that every web app should implement by default.

