Folding Forum

I have read that there is no relation, however if I request a passkey using different usernames and the same email, then the passkeys will be different.

Is it supposed to be like that?

I can't answer with authority that it is supposed to be like that, but it seems logical to me. Two different donor name/team name combinations would be two separate Folding@Home accounts, so it stands to reason they would have separate passwords.

Edit to clarify what I was thinking at the time I wrote this, but I am apparently wrong anyway. I am probably still hung up on how it was before passwords when sortofageek/Team 4 at least appeared to be a separate account from sortofageek/Team 4,000,000,000,000, even though there really was no way to prove it was or was not me.

i think i've read that passkey is bound to username and email adress. if one of these two changes, so does the passkey.

To be specific, the passkey is linked to the email address you provided. The name you entered when requesting that passkey is also linked, but that name is NOT linked to ANY fah user account. The passkey is hashed on both of those data fields, and most likely one or two other factors, though not disclosed for security reasons.

The reason the passkey is not linked to a specific fah user account is because there might be 10 different fah user accounts named "John" on 10 different teams. There is no way for Stanford to know which one of those "Johns" to use, or if you are really that one specific "John".

The passkey is working as designed.

7im wrote:To be specific, the passkey is linked to the email address you provided. The name you entered when requesting that passkey is also linked, but that name is NOT linked to ANY fah user account. The passkey is hashed on both of those data fields, and most likely one or two other factors, though not disclosed for security reasons.

The reason the passkey is not linked to a specific fah user account is because there might be 10 different fah user accounts named "John" on 10 different teams. There is no way for Stanford to know which one of those "Johns" to use, or if you are really that one specific "John".

The passkey is working as designed.

Well, none of the planned features mentioned in the passkey-faq is available yet, so for now it seems unnessesary to use. Still, already using it can be an advantage, if any web-site-features based on passkey is added in the future...

One weakness with passkey is, no-one will remember anything containing a combination of 64 numbers and letters a-f, so something else like example email + password of users choise would have been easier to use.


Also, filing as bug-report:
An easy to overlook feature of email-addresses is, they are case-insensitive, meaning it doesn't matter if you writes folding@spamdomain.url or FoLdinG@SpamDomain.UrL or whatever combination of caps/no caps, it will still be delivered to the same email-address. A quick test shows that the passkey-generator overlooks this feature of email-addresses, and incorrectly treats this as 2 different email-addresses. Converting email-address to lower-case should be a one-liner, so this is an easily-fixed bug.

So rather than have one passkey linked to my email, I can many passkeys linked to my email?

When passkeys gets fully implemented, would it be possible to track all my WU/points based on my email or would I have to track it by the individual passkeys?

FAHuser wrote:So rather than have one passkey linked to my email, I can many passkeys linked to my email?

When passkeys gets fully implemented, would it be possible to track all my WU/points based on my email or would I have to track it by the individual passkeys?

I doubt it.

The client knows the passkey, not the email, so the data stored with the stats is going to be the passkey. You can combine multiple stats accounts (i.e. with different User Names) with a single passkey. You just need to remember which User Name you used to generate the passkey in case it gets lost and you need to regenerate it.