>> For example, MZMcBride, what if your password is "wiki", and somebody >> compromises your account, and changes your password and email. You don't >> have a committed identity, so your account is now unrecoverable. You now >> have to sign up for Wikipedia again, using the username "MZMcBride2". Of >> course, all your previous edits are still accredited to your previous >> account, and there's no way we can confirm you are the real MZMcBride, but >> at least you can continue to edit Wikipedia... Obviously you are not the >> best example, since I'm sure you have ways of confirming your identity to >> the Wikimedia Foundation, but not everybody is like that. You could argue >> that if you consider your Wikipedia account to have that much value, you'd >> put in the effort to make sure it is secure. To that I say see the above >> paragraph. >> > >What if all of the email addresses that a user has ever used were to be >stored permanently? Then in the event of an account hijacking, he could say >to WMF, "As your data will confirm, the original email address for user Foo >was [email protected], and I am emailing you from that account, so either my >email account got compromised, or I am the person who first set an email >address for user Foo." The email services have their own procedures for >sorting out situations in which people claim their email accounts were >hijacked.
I feel as though this idea does not meet my need for privacy. I can guess that at least a portion of the community would agree. Thank you, Derric Atzrott _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
