Newsletter cannot be subscribed to without providing an alternate email #849
Labels
No Label
administration
Akkoma
Android
Bare metal
bug
Communication
Community
Cryptpad
Discussion
Documentation
duplicate
enhancement
etherpad
Feature request
Feedback
finances
Fixed
forgejo
fun_project
Goal 2024
help wanted
Howto
🤔️ Investigate
ios
jitsi
lacre
Lacre Test
ldap
Lemmy
LibreTranslate
low prio
Lufi
macos
Mail
Merch
monitoring
movim
needs_refine
New Auth
Nextcloud
nice to have
on hold
proposal
question
Ready
refined
Roundcube
searX
spam-protection
Staging Server
Themes
TOR
Urgent!
Website
windows
wontfix
xmpp
Yearly Report
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Disroot/Disroot-Project#849
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This pertains to the "Update Profile" page on user.disroot.org. It seems making any changes on this page requires the addition of an alternate email (see attached screenshot). It's unclear whether this alternate email is stored in an encrypted form or not. As a general principle, I strive to minimize the amount of my personal information that is stored anywhere. Which, of course is why I'm here in the first place 😸 And also why I've chosen to setup the security questions in case there are any problems with my password.
Is it feasible to not require folks to provide an alternate email in order to, say, subscribe to the monthly newsletter?
Thanks for reporting I will check it out. In principle this filed should not be required indeed. Temporary workaround is to provide your @disroot.org email.
Might also be nice to include a note on that page about the privacy ramifications of attaching a secondary email to the account? Could be something brief, like something to the effect of:
"This email will be stored in an encrypted form separately from the rest of your account data, but accessible to all Disroot administrators."
Or
"This email will be stored in an encrypted medium, together with the rest of your account information. Lawful requests for this information will be complied with."
Did a test to see why I set it the way I did, but looks like the attribute cannot be empty as it will cause error. So I added a line that the field cannot be empty and if unused should be set to disroot email address. It will do for now, specially that we start working on new authentication syste,
I just confirmed the appearance and functionality of the form by finally subscribing to the newsletter. Thanks muppeth!