Thread 'What happens to remote computers logged in, if I change a project's password?'

Message boards : Questions and problems : What happens to remote computers logged in, if I change a project's password?
Message board moderation

To post messages, you must log in.

AuthorMessage
ProfileWizardling
Avatar

Send message
Joined: 4 Mar 09
Posts: 39
New Zealand
Message 74359 - Posted: 25 Nov 2016, 4:21:30 UTC

G'day.

What happens if I change my password for a BOINC project, and I've other remote computers logged in with my email/password? Do they then get logged out and unable to do any more work? Or did they receive the account key via the email/password login, and will they stay logged in with that? Or is even that a wrong assumption on my part as to how account keys work?

I'd appreciate guidance before moving forward, as some of these computers are only visited by me a couple times a year, and I've no remote access to them.

TIA :-)
"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us." - Calvin and Hobbes (Bill Watterson)
ID: 74359 · Report as offensive
ProfileJord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15542
Netherlands
Message 74361 - Posted: 25 Nov 2016, 7:43:37 UTC - in response to Message 74359.  

They received the (weak) account key.
ID: 74361 · Report as offensive
ProfileWizardling
Avatar

Send message
Joined: 4 Mar 09
Posts: 39
New Zealand
Message 74363 - Posted: 25 Nov 2016, 8:29:28 UTC - in response to Message 74361.  

https://boinc.berkeley.edu/wiki/Weak_account_key - "Your weak account key is a function of your password. If you change your password, your weak account key changes, and the previous weak account key becomes invalid."

So I take that and what you've said, to mean any clients I have logged in with email/password, will be logged out and unable to continue work, if I change my password. But if I logged in a client with the regular account key, changing my password won't affect the login?

Am I correctly understanding the process?

Cheers for your help in this matter :-)
"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us." - Calvin and Hobbes (Bill Watterson)
ID: 74363 · Report as offensive
ProfileJord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15542
Netherlands
Message 74375 - Posted: 25 Nov 2016, 12:42:42 UTC - in response to Message 74363.  

The strong account key never changes. You got it appointed when you made the account.
Systems you have with a weak account key will have their account key nullified when you change the password, because the weak account key is based upon the account ID plus the password. When the password changes, the weak account key changes.
ID: 74375 · Report as offensive
ProfileWizardling
Avatar

Send message
Joined: 4 Mar 09
Posts: 39
New Zealand
Message 74381 - Posted: 25 Nov 2016, 22:34:17 UTC

I super appreciate everybody's help, and apologise if I'm being dense in any way :-)

So adding a project via email/password adds using the weak key, and will be logged out upon password change.

While I'm clear upon how to add projects with the strong account key that will not be logged out upon password change, to a computer via command line. I'm not clear on how to do so via the BOINCmanager GUI app. Do I simply substitute the strong key for password?

Thanks again, and as to the ethics involved, I ask those family and friends for whom I act as tech support, for permission first before setting up BOINC on their computers. For those who say they're happy to donate downtime, I just install, add some favourite projects, and check in upon my return (usually to look after some unrelated tech support matter). Anyone who expresses their own interest, I help them set up their own accounts with projects, and show they how to use BOINCmanager.

I enjoy spreading BOINC around, but I agree it is only right to do so ethically with permission :-) I'm aware some people go a little nuts installing BOINC on every computer they ever find they've access to. I guess there are worse things they could be doing, but it's not okay in my book.
"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us." - Calvin and Hobbes (Bill Watterson)
ID: 74381 · Report as offensive
ChristianB
Volunteer developer
Volunteer tester

Send message
Joined: 4 Jul 12
Posts: 321
Germany
Message 74421 - Posted: 27 Nov 2016, 10:16:19 UTC

If you attach a computer using the email/password combination via the Manager you will get the (strong) authenticator in the account file. So you can change your password without loosing the computer.

If you want to use the weak authenticator you can't do this via the Manager you would need to supply this via a file. The weak authenticator is identified by being prepended with your userid and is stored in the same place as the authenticator in the account file.
ID: 74421 · Report as offensive
ProfileWizardling
Avatar

Send message
Joined: 4 Mar 09
Posts: 39
New Zealand
Message 74425 - Posted: 27 Nov 2016, 14:42:42 UTC - in response to Message 74421.  

If you attach a computer using the email/password combination via the Manager you will get the (strong) authenticator in the account file. So you can change your password without loosing the computer.

If you want to use the weak authenticator you can't do this via the Manager you would need to supply this via a file. The weak authenticator is identified by being prepended with your userid and is stored in the same place as the authenticator in the account file.


Okay, I genuinely don't mean to give offence here, so I hope this won't be taken as any kind of slight. Because I really like BOINC, and appreciate the help from it's community over years.

But who is correct here? Because I'm had a reply from an admin and yourself - a dev - that contradict each other. So far as I understand. I could just be confused. That's been know to happen :-)
"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us." - Calvin and Hobbes (Bill Watterson)
ID: 74425 · Report as offensive
ProfileJord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15542
Netherlands
Message 74435 - Posted: 27 Nov 2016, 18:01:29 UTC - in response to Message 74425.  

My admin title is only used for battling spammers, it doesn't mean I am all-knowing. I'm a volunteer just like Christian and you. :-)
As far as I know, I never said anything about the manager giving the weak or strong account key. Even re-reading, I see Christian and I are on one line, and just adding to the information we both gave. The only - but - you may have is the one in my first answer in this thread. It was more of a question I asked myself and to return to it later, but I didn't. Sorry for that.
ID: 74435 · Report as offensive
ProfileWizardling
Avatar

Send message
Joined: 4 Mar 09
Posts: 39
New Zealand
Message 74448 - Posted: 28 Nov 2016, 4:54:57 UTC - in response to Message 74435.  

Admins are not all knowing? :-\ Wait, if you're not all knowing maybe just don't know you're all knowing... in which case you'd be all knowing! But actually not, because you didn't know you were...

*head begins to hurt*

But anyway, the upshot of this thread is: login via email password adds a project using the strong key, and is thus unaffected by later project password changes.

Hopefully that is the case and I've correctly understood, because this week I'll be testing it as I upgrade passwords (from my weak choice of a decade ago) for over a dozen projects spread across a dozen or so computers that were all logged in via email/password, most of whom I won't get in front of for months :-)

See ya starside!
"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us." - Calvin and Hobbes (Bill Watterson)
ID: 74448 · Report as offensive

Message boards : Questions and problems : What happens to remote computers logged in, if I change a project's password?

Copyright © 2024 University of California.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.