On Mon, Aug 23, 2010 at 2:06 PM, Max Semenik <[email protected]> wrote: > This point is debatable:) At least we inform people that they should > provide valid emails if they want to reset their passwords.
Just today Gmail put a message at the top of the screen complaining that I didn't have a phone number or backup e-mail set to recover my password, and nagged me to do so. I guess it only does that to people who have been using it for X months, have more than Y MB of mail stored, something like that. Maybe we should nag established users without confirmed e-mail to set one, once in a while. (Doesn't help if they can't access the address anymore, though . . .) > That would require some effort, and will add another cookie that > stores expiry time. A simple increase in time will be a fine solution > until a complex scheme is implemented (do we want it at all? more > cookies=more bandwidth). Additionally, there's still no good reason to > keep expiry time short anyway. I don't see any reason to increase it to 90 days -- if we increase it at all, may as well make it not expire. _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
