FAQ Desk: Logging in to this Forum
PeterJones last edited by PeterJones
Hello, and welcome to the FAQ Desk.
Many people ask questions about how to log in, why we require an account with Google, Facebook, Twitter, or GitHub, and why we don’t just have email/password login here.
How to Log In
To log in, go to the https://community.notepad-plus-plus.org/login page, and select one of the Available Logins, through one of those four OAuth / SSO providers (“OAuth” is the name of one system whereby you can log into one website using the credentials on another; “SSO” = “single sign on”, a generic term for that kind of system).
When you click on one of those links, you will be asked to log in to the other website (if you aren’t logged in already) and to give permission to “share your data” with the Notepad++ Community Forum. After that, you will have an account here, and be logged in. Other that the initial connection, you may occasionally have to re-login, but you’ll just have to confirm with the provider that you still want to log in here.
But I don’t have an account on one of those
Then you need to create one there. If you wish to remain reasonably anonymous, pick one of the providers whose terms of service allow anonymous accounts or multiple accounts; some are more strict than others in that regard; it is up to you to not violate terms of service.
But it’s sharing data!?!?
Only minimal information is shared. If you have publicly shared a name or email address on your chosen OAuth/SSO provider, the Notepad++ Community Forum will copy that information over to initially populate your profile on this site. However, you can change any of that data by clicking on your profile icon in the upper right, and selecting Edit Profile; your username doesn’t even have to match!
Aside from that initial profile data, the only information we get from the OAuth provider is a response to “is this user still logged in and still allowing you to tell us whether they are logged in”? The Forum gets back a “yes” or “no” response; on a “yes”, you will be logged in here; on a “no”, the login will fail.
Why not just do email/password logins
The simple answer is that it’s more work and more dangerous.
OAuth logins are much more secure than a system where you password and login information are stored on the Notepad++ Community server. Those OAuth providers have huge budgets and full-time-employed security teams working around the clock to keep your credentials secure; a mom-and-pop group like us have $0 and 0 employees to stay on top of such things, and when the password-storage was hacked (notice I say when, not if), you and/or a multitude of other users here would be up-in-arms over the password breach. The safest for everybody is the current method – using OAuth through big-name organizations.
But I’ve never seen anyone else ask me to log in through OAuth!
Congratulations; you’ve avoided playing any Facebook games – that’s quite an accomplishment that you should be proud of. ;-)
Seriously: Many websites use OAuth, and allows cross-logging-in, so I’m surprised you’ve never seen any.
As I mentioned, any of the FarmSquirrel, BlowUpMyFriendsWords, or other popular Facebook games use them, as do “what celebrity does my dog look like” apps and “only 1/10 people can score 98.6% on this quiz”.
imgur.com and similar image/file-sharing sites use OAuth providers.
The list goes on and on. Maybe you haven’t noticed them before, but they are out there, and quite common. And other than the Facebook games and quizzes, most are harmless.
If you start the login process from the wrong OAuth provider, it will create a new account here in the forum.
However, if you login with your original/existing OAuth provider first, then go to Edit Profile, the “Single Sign-On Services”, you can associate your single Notepad++ Community Forum with each of the OAuth providers. This means that later, if you accidentally click “Google” instead of “GitHub” and both are associated with your account here, you will log into the same account. This is useful for when you click on the wrong link (or cannot remember which OAuth provider you originally signed up with). It’s also useful if you’ve temporarily or permanently forgotten your credentials at one of the OAuth providers or decided to delete your account over there, you can still use one of the others to log in here (for example, if you have associated both GitHub and Google, but forgot your Google login, you could authenticate using the GitHub, then edit your profile here to remove the link to your Google account; if you ever created a replacement Google account, you could re-link it here when done).
“I still don’t like it. Do I have to have an account here to particpate?”
You can read any post without an account. But to make a new topic or post a reply to an existing topic, you have to log in through one of the available providers.
How To Get Email Notifications
The forum has the feature to send email notifications upon replies, mentions, and a variety of other conditions.
To change the notification settings, click on your user icon, and choose Settings. There, you can set whether or not to get the digest, and which notifications should be in-forum only, email only, or both in-form and via email.
The forum will not email the notifications unless you have confirmed your email address. To do this, click on your user icon, choose Edit Profile, then choose to Change Email. Once you have entered a valid email address and hit Submit, the forum will attempt to email you.
Unfortunately, the forum emails do not always make it through; many users have complained that they have never received their confirmation email, whereas many others have no problems receiving the confirmation email. If you don’t receive it, it may have been routed to your spam folder; or your email provider may choose to not pass the email on to you when it receives it from the forum’s mail-sending server. Potential workarounds for those who don’t receive it include checking spam folders, trying to change to a different email address (if you have another available – preferably from a different email provider), or setting to an invalid email address and then changing it back to the correct address again (hitting Submit after each change). You might also ask your email provider if they can be temporarily less-strict about what emails get sent to you (though that’s a long shot). None of those, however, are guaranteed to work.
(If you do change your email, please note that it only affects the sending of the confirmation, notification, and digest emails; it does not change how you log in. As described above, you still log in with the Google, Facebook, Twitter, or GitHub accounts, just like you did before the Change Email.)
The administrators of the forum have tried debugging the problem, but they are not email server experts, and as of yet they have not yet been able to improve the reliability beyond where it currently is. Every once in a while, I am able to do some more research, and I try to give the administrators more ideas of things to fix, but it’s a slow process for non-experts.
That said, the forum had worked for years without email notification before that feature started working (for some users) in 2021: the only thing that the email confirmation enables is the various email notifications and digest emails; every other feature of the forum works just fine without the confirmation message. And as users who predated the 2021 email-enabling discovered back then, if you want to see if you have a reply to a post, you can always just log into the forum, and the notification bell icon will indicate if you have any in-forum notifications indicating replies.
If you are unable to get the confirmation email after this, then all I have left to offer is my own sincere apologies, and the apologies I convey on behalf of the administrators.