Password Reset
Dave Airlie
airlied at redhat.com
Tue Mar 10 23:44:28 UTC 2009
On Tue, 2009-03-10 at 22:41 +0100, Till Maas wrote:
> On Mo März 9 2009, Mike McGrath wrote:
> > So the password reset generally went off without a hitch but a lot of
> > people forgot to reset their password or just plain didn't and I'm
> > wondering if it's because of where I sent the notifications to so I
> > thought I'd ask. Would you generally like password reset requests to go
> > to:
> >
> > username at fedoraproject.org (the alias that directs to your email addr)
> >
> > the email address we have listed
> >
> > or both?
>
> Please send it only once, I do not care to which address. But here are some
> suggestions for improvement:
>
> 1) Please use a consistent subject for these mails:
>
> February: Fedora Project Password Reset Request
> December(1): FAS Password Change Request
> December(2): FAS Password
>
> 2) The mail from 2009-02-09 only said, that the password will expire. It was
> not mentioned that also further action will occur, e.g. afaik the contents of
> fedorapeople.org where moved. E.g. I only changed my password because I had to
> submit a security update, but otherwise I would not have cared for an expired
> password, because of little available time for Fedora work right now.
> Nevertheless I would have cared about moved fedorapeople.org contents or
> missing CVS notifications.
Yeah this was the point that was missed, missing a password reset should
*not* remove web content and email addresses, this is called overkill, a
staged removal, where you reset the password, wait 2-3 months and then
start culling the crap.
Its also arguable whether web content should ever be killed, when I
started in RH people were very quick to give out about
people.redhat.com, and saying use people.fedoraproject.org we don't have
any of the silly limitations and a/c expiring stuff. Guess they were
wrong.
Dave.
More information about the fedora-devel-list
mailing list