[Operators] Remove old unused accounts?

Mihael Pranjić tux at limun.org
Thu Dec 10 18:03:14 CST 2009


Am Freitag, 11. Dezember 2009 00:55:40 schrieben Sie:
> Am 10.12.2009 um 23:50 schrieb Mihael Pranjić:
> > It clearly does sound like a sane idea. This would solve the problem
> > of having
> > multiple users use the same JID after it was deleted. But think of
> > jabber
> > accounts that were created, used for short time and then left lying
> > aroung on
> > the server. This includes unnecessarily created accounts and so on.
> > However it
> > is defined, on most public services there are many jabber accounts
> > just lying
> > around, unused. This makes it impossible for someone who would
> > really like to
> > use the same JID to register it, as he does not have the email adress.
> >
> > In short there wont be two different people using the same jabber
> > account,
> > regardless of the fact that there may be "garbage" accounts that are
> > not
> > really used. This makes it impossible tot get the jid, even for the
> > people who
> > would really use it.
> >
> > Captcha could prevent an amount of "garbage" accounts, but is not
> > 100% proof.
> > Anyone can still create accounts and not use them.
> 
> Well, you could make a difference between accounts that have been used
> for a while and accounts that have been registered but never used. For
> example, if the user never logged in two weeks after it has been
> created, it is unlikely that the account has ever been used properly -
> in this case, I guess it is safe to remove it, as I don't think
> someone who just registered account will get important privileges
> anywhere.
> 
> --
> Jonathan
> 
That sounds good indeed. I dont see any huge security issue with that at the 
moment. But security related should be proven by more people imho. There is 
always someone with another idea :D

Mihael


More information about the Operators mailing list