Denial of service to "registered nick" users by using nickname with different case

RESOLVED INVALID

Status

Infrastructure & Operations
Infrastructure: IRC
RESOLVED INVALID
3 years ago
3 years ago

People

(Reporter: Paolo, Assigned: lerxst)

Tracking

Details

(Reporter)

Description

3 years ago
I tried to log in to IRC with my registered nick "paolo" to find that it was denied since someone else was online with the nick "Paolo". Apparently they weren't asked for the "registered nick" password.
(Assignee)

Updated

3 years ago
Assignee: infra → dparsons
(Assignee)

Comment 1

3 years ago
This has nothing to do with nick case, as IRC nicks are case insensitive (though NickServ retains case). By default, anyone can use anyone's registered nick, unless you enable the SECURE option on your nick (/msg nickserv set secure on). This will automatically kill anyone who isn't (a) connecting from an ip on your nick's access list; (b) giving nickserv the correct identify password.

Even without SECURE set, you can always have NickServ kill the user for you with /msg nickserv recover yournick yourpassword.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
(Reporter)

Comment 2

3 years ago
(In reply to Dan Parsons [:lerxst] from comment #1)
> By default, anyone can use anyone's
> registered nick, unless you enable the SECURE option on your nick (/msg
> nickserv set secure on).

Totally missed that! Sorry for the noise.
Resolution: FIXED → INVALID
You need to log in before you can comment on or make changes to this bug.