-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Jul 1, 2008, at 2:40 PM, Hank van Cleef wrote:
I'm also concerned about this proposed scheme to discontinue montnly mailings. It most definitely needs some mechanism whereby a user can reset or re-obtain their password without moderator intervention. Our user base is just plain not password-savvy, and I'm concerned about the increase in moderator workload if the recovery method is similar to password resetting by root (the Unix method).
Don't worry, going forward we'll have a fairly typical password reset feature instead of the monthly reminder. The other advantage of this is that we won't have to keep user passwords in our database unencrypted.