[thelist] Usernames and Passwords

Lee Kowalkowski lee.kowalkowski at googlemail.com
Tue May 1 11:32:04 CDT 2007

On 01/05/07, Ken Snyder <ksnyder at coremr.com> wrote:
> Lee Kowalkowski wrote:

> Although Ebay could have remedied the situation by some better
> application logic, the heart of the problem is that email addresses are
> not unique over time.

Not unique in what way?  You can't duplicate an email address like you
can't duplicate instances of cars (yet).  Ownership can be
transferred, access can be shared, just like cars, but they are still
unique things.  Usernames can change hands in a similar way.

eBay should have prevented registration with an existing email address
if they're using email addresses as unique identifiers.

> Anyway, just wanted to share my story on the woes of email address
> recirculation.

Thank you, it was useful to know.  I think the actual victim is the
previous owner, it seems it was their security that was comprimised.
Which supports my stance that people who user their email addresses
for important things should protect them.  Before letting such an
email address go, one should perhaps consider breaking these kind of
associations, like closing or properly updating related accounts.


More information about the thelist mailing list