Preface

We are currently creating a new system for our clients and are stuck on account recovery when a user loses access to everything.

The system is entirely controlled by our company in the following way:

  1. Our employee creates a client company profile (name*, other fields like logo, website are optional)
  2. Our employee “invites” the client’s administrator to the account by entering an email and/or a phone number (we send an email and/or text inviting the client to our system)
  3. The client clicks on the generated URL and creates their access (adding any relevant info like their name, email/phone if it’s not already there or secondary emails/phone numbers, etc.)
  4. The client can now invite further members to access their company’s information

This works great and allows for account recovery assuming the user maintains access to their email or phone number.

Issues

The industry in which we work has a lot of movement and user emails and phone numbers change frequently. (Users are contractors).

Users may have access to multiple companies simultaneously. It’s not a 1:1 relationship, it’s a many:many relationship between company and user.

We foresee issues where a user is invited to join the system from company A (company A gives the contractor an internal email) then the user is added to a second company B (using the company A email). After the contract with company A is terminated, company A removes the user’s access (email, phone) and, because he’s human, the user forgets their password.

How does the user recover their account without having access to the account’s email or phone and how can we allow the user to securely change his account’s email or phone?

Yes, recovery questions are feasible, but I’ve never been a fan of this security method. People always forget what they put or they inadvertently make this information public on social media.

ctwheels
  • These types of cases often become liability issues, as much as technical issues. I know that some high-stakes operations (e.g. online brokerage accounts) require signed letters of authorization, authenticated by a notary, for these types of cases. – mti2935 May 20 '20 at 22:51
  • @mti2935 that adds a lot of *complication*. I know most large companies basically have a "SOL" situation where you lose your account forever. We were debating maybe accomplishing this using a driver's license (half our users - equipment operators - are required to upload their driver's license in order to use the system), but then again, there's nothing guaranteeing us that the driver's license is in the correct hands. – ctwheels May 20 '20 at 23:13
  • I agree that it adds some complication, but if there is a lot at stake, it may be worth it, and your legal team may insist on it. In the event that something goes wrong, it would be very difficult for someone to argue that you were negligent. – mti2935 May 20 '20 at 23:36
