tea.mathoverflow.net - Discussion Feed (OpenID login currently broken?)

Anton Geraschenko comments on "OpenID login currently broken?" (10655)

2010-11-15T07:24:19-08:00

(What stops someone from using the feature to hijack someone else's account?)

The only way somebody could use the recovery feature to hijack your account is if you enter their email address in your profile or if they have access to your email.

Harald Hanche-Olsen comments on "OpenID login currently broken?" (10653)

2010-11-15T06:41:31-08:00

@Anton: Yes, I have javascript enabled. Anyhow, the “Is this your account?” feature now works again. Makes me guess that it was the same problem as the login problem; i.e., it was all javascript-related. (What stops someone from using the feature to hijack someone else's account?)

Anton Geraschenko comments on "OpenID login currently broken?" (10652)

2010-11-15T06:31:58-08:00

Actually, as far as I can tell the “Is this your account?” link doesn't do anything. (Tested with Safari and Firefox on the Mac.)

Presumably you have javascript enabled. The link is supposed to produce a popup box where you can enter your email in order to get sent an account recovery cookie.

"Account recovered: you should probably associate another OpenID to it" (or words to that effect). I am assuming that this advice be ignored in this situation?

Yes. That advice should be ignored. (Actually, nevermind; see below)

As of a couple of minutes ago, it seems that login is working again. Woohoo!

Georges Elencwajg comments on "OpenID login currently broken?" (10651)

2010-11-15T05:52:47-08:00

I am sure every user will join me in congratulating and thanking Anton for the quick and efficient way in which he reacted ( on a Sunday !) to a completely unforeseen problem.

Kevin Buzzard comments on "OpenID login currently broken?" (10648)

2010-11-15T01:29:28-08:00

Anton or someone else who understands OpenID: I just followed the link in the new banner and things work fine. I got things working again and get a box at the top saying something like "Account recovered: you should probably associate another OpenID to it" (or words to that effect). I am assuming that this advice be ignored in this situation?

Harald Hanche-Olsen comments on "OpenID login currently broken?" (10647)

2010-11-15T00:28:23-08:00

Actually, as far as I can tell the “Is this your account?” link doesn't do anything. (Tested with Safari and Firefox on the Mac.)

Anton Geraschenko comments on "OpenID login currently broken?" (10646)

2010-11-14T21:22:18-08:00

I've just rigged it so that you only see the "login is broken" banner if you're not logged in.

Edit: I've also rigged it so you can use the banner directly to recover your account.

Todd Trimble comments on "OpenID login currently broken?" (10645)

2010-11-14T21:01:48-08:00

I had closed the window I was using and reentered from a new window, to see what would happen. So I didn't think I was logged in, but now I suppose I was, in which case the message seems to be not to worry. Sorry for the bother.

Anton Geraschenko comments on "OpenID login currently broken?" (10643)

2010-11-14T19:54:42-08:00

Are you already logged in? You should only see the "Is this your account?" link if you're not logged in.

Todd Trimble comments on "OpenID login currently broken?" (10642)

2010-11-14T19:40:58-08:00

Thanks, but that's not what I see. No wonder I couldn't find it.

Anton Geraschenko comments on "OpenID login currently broken?" (10641)

2010-11-14T19:27:12-08:00

@Todd:

Todd Trimble comments on "OpenID login currently broken?" (10640)

2010-11-14T19:00:09-08:00

I can't even find the "Is this your account?" link on my user page. I feel so stupid.

Anton Geraschenko comments on "OpenID login currently broken?" (10637)

2010-11-14T18:31:22-08:00

@Scott: done.

Scott Morrison comments on "OpenID login currently broken?" (10636)

2010-11-14T18:13:39-08:00

@Anton,

maybe you should put up a site banner, just so people know what's going on.

Anton Geraschenko comments on "OpenID login currently broken?" (10635)

2010-11-14T17:37:39-08:00

Does anyone actually know anything? Is some person with some competence in such matters doing something about it?

Nope. I've contacted Fog Creek (the company that hosts the site), but haven't heard back from them yet, possibly because it's Sunday. Hopefully this will be resolved by tomorrow morning.

Michael Hardy comments on "OpenID login currently broken?" (10634)

2010-11-14T17:32:57-08:00

The problem is still there. I've tried various browsers, and I've tried logging in from my home computer and from machines on the campuses of three different universities. No luck. So here's a question: Does anyone actually _know_ anything? Is some person with some competence in such matters doing something about it?

Anton Geraschenko comments on "OpenID login currently broken?" (10633)

2010-11-14T17:32:25-08:00

By the way, you can always get another cookie without actually logging in by visiting your user page and clicking the "Is this your account?" link.

Anton Geraschenko comments on "OpenID login currently broken?" (10632)

2010-11-14T17:25:11-08:00

Oh dear, with two of the moderators now locked out, it's time for all you lurking trolls to run amok! Argh! :-)

No, no. I wasn't so absent-minded as to not run this experiment in a separate browser.

Harald Hanche-Olsen comments on "OpenID login currently broken?" (10630)

2010-11-14T16:07:01-08:00

Me too. 8-) No, seriously, I tried from a different browser than I usually use. Since use openid delegation via a server I control, I can look in the log and see that there has been no request for my openid page. It could be a number of things, like the MO server not getting any responses from the DNS server that it uses.

Kevin Buzzard comments on "OpenID login currently broken?" (10629)

2010-11-14T15:37:49-08:00

FWIW I can't log in either. I don't want to start a big "me too" thing; I just thought I'd give another data point to remove the unlikely possibility that it was only the moderators who had problems :-)

Scott Morrison comments on "OpenID login currently broken?" (10627)

2010-11-14T15:14:58-08:00

Oh dear, with two of the moderators now locked out, it's time for all you lurking trolls to run amok! Argh! :-)

Anton Geraschenko comments on "OpenID login currently broken?" (10626)

2010-11-14T15:09:24-08:00

Confirmed! Other SE 1.0 sites seem to have the same problem. I've emailed Fog Creek.

What were you thinking, logging out of MO?!?

(btw, you have a script on tqft.net which fetches new posts by new users ... you may be able to extract your cookie from there)

Scott Morrison comments on "OpenID login currently broken?" (10624)

2010-11-14T14:59:02-08:00

I can't log in!

When I enter my OpenID (http://tqft.net/) I just get a message

Unable to log in with your OpenID provider:

Web request to 'http://tqft.net/' failed.

The URL loads fine in my browser, and I can log in other places with the same OpenID. Could someone log out and log back in, and let me know here if they have any problems? I'm confused.