On Tue, Mar 10, 2009 at 08:41:33PM -0500, Mike McGrath wrote:
So holy crap does the planet hate it when you ask people to reset
their
passwords. In particular though, they hated the following:
1. Kittens
2. "Password Expiration" is confusing and does not imply "account
expiration". Some may have ignored the warning because they did not
understand what the consequences were.
3. Mail aliases going away. This one's legit and accounts for the only
data loss we actually had.
4. fedorapeople space going away and not coming back automatically.
[1] requires the killing of all kittens
[2] just requires a better email to go out, possibly with a link to a wiki
page. It'd be good for this to be translated.
[3] requires another "account" type or at least fasClient to be smart
enough to know how old the 'inactive' account is. I'd suggest a month or
so.
[4] requires us to restore whatever is in
/home/fedora.bak/$username.$timestamp at the time the account becomes
active again. We won't leave $username.fedorapeople.org up for security /
liability reasons. But we will make it transparent to the user that it
looks like their stuff never went away.
I'm going to disable password reset/account expiration until at least 3 of
the 4 above are done.
Well I'm gonna safely assume that we won't kill all the kittens in time
for the next one... :)
--
Ian Weller <ianweller(a)gmail.com>
http://ianweller.org
GnuPG fingerprint: E51E 0517 7A92 70A2 4226 B050 87ED 7C97 EFA8 4A36
"Technology is a word that describes something that doesn't work yet."
~ Douglas Adams