Password resets
Ian Weller
ianweller at gmail.com
Wed Mar 11 03:53:50 UTC 2009
On Tue, Mar 10, 2009 at 08:41:33PM -0500, Mike McGrath wrote:
> So holy crap does the planet hate it when you ask people to reset their
> passwords. In particular though, they hated the following:
>
> 1. Kittens
>
> 2. "Password Expiration" is confusing and does not imply "account
> expiration". Some may have ignored the warning because they did not
> understand what the consequences were.
>
> 3. Mail aliases going away. This one's legit and accounts for the only
> data loss we actually had.
>
> 4. fedorapeople space going away and not coming back automatically.
>
> [1] requires the killing of all kittens
>
> [2] just requires a better email to go out, possibly with a link to a wiki
> page. It'd be good for this to be translated.
>
> [3] requires another "account" type or at least fasClient to be smart
> enough to know how old the 'inactive' account is. I'd suggest a month or
> so.
>
> [4] requires us to restore whatever is in
> /home/fedora.bak/$username.$timestamp at the time the account becomes
> active again. We won't leave $username.fedorapeople.org up for security /
> liability reasons. But we will make it transparent to the user that it
> looks like their stuff never went away.
>
> I'm going to disable password reset/account expiration until at least 3 of
> the 4 above are done.
>
Well I'm gonna safely assume that we won't kill all the kittens in time
for the next one... :)
--
Ian Weller <ianweller at gmail.com> http://ianweller.org
GnuPG fingerprint: E51E 0517 7A92 70A2 4226 B050 87ED 7C97 EFA8 4A36
"Technology is a word that describes something that doesn't work yet."
~ Douglas Adams
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-infrastructure-list/attachments/20090310/2bf38237/attachment.sig>
More information about the Fedora-infrastructure-list
mailing list