<div dir="ltr"><div><div>Going through the notes something that stuck out to me from android was<br><br>"Technically, there's no reason that we could not associate a single email (even a defunct email) with many emails."<br><br></div>Which made me to think, do we really need to change the email address in the system or could we add a new one and mark it as active, keeping the original? The original email would still used to generate all required keys to get sync data.<br><br></div><div>We could expand the user model to handle multiple email address, recovery address, etc as outlined in <a href="https://github.com/mozilla/fxa-auth-server/issues/973">https://github.com/mozilla/fxa-auth-server/issues/973</a><br><br></div><div>Are there any shortcomings with this or major gaps I could be missing?<br><br></div><div>- Vijay<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jan 31, 2017 at 2:05 AM, Ryan Kelly <span dir="ltr"><<a href="mailto:rfkelly@mozilla.com" target="_blank">rfkelly@mozilla.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
Hi All,<br>
<br>
<br>
One of the items on our Q1 OKR list is:<br>
<br>
"Enable users to add a second email and change their primary"<br>
<br>
This is an item that we've talked about a lot in the past, but never<br>
really dug into moving on. Let's pick up the thread and try to scope<br>
out what we can realistically achieve on this in Q1.<br>
<br>
I'm sure we've had a long rambling discussion about this topic on the<br>
list in the past, but be damned if I can find it. Does anyone happen to<br>
have a reference to it in their mail history?<br>
<br>
In the meantime, some high-level scoping questions, mostly for :rfeeley<br>
and :adavis but naturally feel free to chime in:<br>
<br>
* How will we measure the success of this feature? Is it simply based<br>
on the rate at which people add/change emails, or do we expect it to<br>
show up in other metrics e.g. a decrease in bounce rate?<br>
<br>
* What UX will we expose to the user here? Will we e.g. expose the<br>
ability to have multiple email addresses, or keep that hidden as<br>
an implementation detail?<br>
<br>
* How will we secure this feature? If the user has lost access to the<br>
email associated with their account, does allowing them to change it<br>
violate the security properties of e.g. sign-in confirmation? Or will<br>
send a confirmation email to the *original* email address as well?<br>
<br>
<br>
Also, some links to previous bugs on this topic, for reference:<br>
<br>
* An old, long, rambling bug on implementation approach:<br>
<a href="https://github.com/mozilla/fxa-auth-server/issues/957" rel="noreferrer" target="_blank">https://github.com/mozilla/<wbr>fxa-auth-server/issues/957</a><br>
<br>
* Some notes on why this might be tricky on Android:<br>
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1173566" rel="noreferrer" target="_blank">https://bugzilla.mozilla.org/<wbr>show_bug.cgi?id=1173566</a><br>
<br>
* Some prior UX from :rfeeley:<br>
<br>
<a href="https://www.lucidchart.com/documents/view/9c9a4647-615f-4b7c-a4db-71ae10afcd04" rel="noreferrer" target="_blank">https://www.lucidchart.com/<wbr>documents/view/9c9a4647-615f-<wbr>4b7c-a4db-71ae10afcd04</a><br>
<br>
* A new user request for this feature:<br>
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1334107" rel="noreferrer" target="_blank">https://bugzilla.mozilla.org/<wbr>show_bug.cgi?id=1334107</a><br>
<br>
This is very much still in the scoping phase, so any and all comments<br>
welcome.<br>
<br>
<br>
Cheers,<br>
<br>
Ryan<br>
______________________________<wbr>_________________<br>
Dev-fxacct mailing list<br>
<a href="mailto:Dev-fxacct@mozilla.org">Dev-fxacct@mozilla.org</a><br>
<a href="https://mail.mozilla.org/listinfo/dev-fxacct" rel="noreferrer" target="_blank">https://mail.mozilla.org/<wbr>listinfo/dev-fxacct</a><br>
</blockquote></div><br></div>