Emil S. wrote in post #1116233: > I use email for login , so I do this in the console/database seed file : > User.create(email: '[email protected]', password: 'password123', > password_confirmation: 'password123') > Then I log in with the "[email protected]" and "password123"
Personally speaking, I generally dislike the practice of using email addresses as usernames. Yes, it has a certain convenience. Convenience will always be in contention with security. There are a number of reasons for this: 1. If the site gets hacked there is no way to protect email addresses from exposure. If email addresses are kept separate from the user account information then it is at least possible to protect them from a hack against the user login info. 2. If a user changes their email address (or otherwise loses control of their email account) they have no way to verify themselves in case they need to reset their password. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/109f507533ae30c67151c56b115d7a16%40ruby-forum.com. For more options, visit https://groups.google.com/groups/opt_out.
