Hi!
I recently signed up for an account in an app using my Blockstack identity. The app asked for permission to view my email address. The service then sent me a confirmation email. The thing is, I don’t remember adding my email address in the Blockstack browser, and I don’t see how to change it. Where is the app getting my email address from? Is it possible to change it in the browser?
Thanks!
Hi @samjones.id
So, your email address and your password in the Blockstack browser are kept only on a session basis. They are stored with the session object. When you reset your Blockstack browser the session object is deleted. Then, the next time you login, you provide it with a password/email for that session.
Unlike a cloud application username/password, you can provide a new email and a different password for each browser session. The unique and identifying value is your ID and the corresponding Secret Recovery Key or Magic Recovery Code.
We have documentation that might help. And also information about key security information associated with a DApp like the browser. I’ll expand that security and the documentation around the password and email.
Hope this helps. Let us know if it didn’t. Thank you for bringing the question up, I’ll expand the docs to make this clearer.
When you login to the app, the app can ask you for your email (that is stored in the current browser session ) like this:
Thanks for that explanation @moxiegirl! That clears it up. I had set up the Blockstack browser some time ago by migrating a Onename account, so I don’t remember the process I went through.
Perhaps instead of relying on documentation to explain this to users, the Blockstack browser could work towards making the email address viewable and changeable. I would make this argument for any piece of information that an app might ask permission to access. If Blockstack is going to succeed as a platform, I don’t think we can say to laymen “Hey, go read this documentation to figure out how to use it.”
Thanks @friedger! I had noticed that request for permission, with the same SpringRole app in fact. I was asking about where this email is stored and how I can change it. But this screenshot might be helpful for other people looking for this information!
@samjones.id Absolutely agree…the word password itself is a bit confusing right? I mean it isn’t like a regular password you might put in a password manager. We are definitely working on improving the experience — let us know if you want to be usabilit reviewer of any new designs.
The Links above seems dont work…
