Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical

Deleting Accounts

by jdhedden (Deacon)
on Jul 30, 2009 at 18:47 UTC ( #784702=monkdiscuss: print w/replies, xml ) Need Help??

I "quit" this site a very long time ago. At that time, I was told this site didn't have a way of deleting accounts. Now that the passwords have been compromised, I've had to deal with this issue. If this site allowed deleting accounts, I wouldn't have had to bother.

This site needs the capability to allow users to delete their accounts! And after you do, delete my account please.

Replies are listed 'Best First'.
Re: Deleting Accounts
by ikegami (Pope) on Jul 30, 2009 at 19:11 UTC
    How would deleting the account help any? Someone could create another account in the same name and the state would be the same as if someone stole your password. Locking the account makes more sense, and avoids the issue of orphaned posts.
      Deleting the account prevents collateral damage from using the same password in multiple places. Locking wouldn't solve it, but he could have changed his password to something he doesn't use anywhere else when he abandoned the account. Though, I have to admit, I probably wouldn't think of that (but I never delete accounts on places I don't go anymore, either.)
        That's solved by clearing the account's password field when locking it. The absence of a password could even be the flag that indicates an account is locked.

        Using the same password for all your online accounts in like using the same key for your house, car, office, bank deposit box, mail box, bike lock, etc, etc, etc and then leaving a copy of the key with every manager of every service and letting unknown third parties by the dozen tool the copies for you. No one in their right mind would consider doing that. I wish people would take a little more conscientious responsibility for their online lives too.

        That said, I agree that deleting/locking is a good idea and of course it's quite sad that a place like this where everyone actually does know better was still keeping clear passwords at all. I'm not personally particularly worried about it because I have different passwords for every one of 100+ sites I have accounts. Anyone who doesn’t is inviting disaster. Some hackers don't announce their hacks. Some sites don't report, or even necessarily ever know about, security breaches.

      If the 'gods' don't want to delete accounts, then make it such that a 'defunct' account doesn't have a password any more. And for accounts without password, make it so that they can't log in. That's at least better than what there is now.

      Also, for 'defunct' accounts, wipe out all the user information (e.g., email address) so that can't be compromised either.

Re: Deleting Accounts
by igelkott (Priest) on Jul 30, 2009 at 19:58 UTC

    A simple compromise would be to erase (lock-out) passwords when an account is locked (on request or by force). This maintains thread logic and keeps user names from being reused. Even closer to outright deletion would be to hide or delete the personal nodes from the old accounts.

    Of course it's easy to come up with this in hindsight but it could still be worth consideration and probably not too hard to implement.

      A user can change their settings to remove their user information and then change their password to random themselves. You don't need any special code on the site for this.

Re: Deleting Accounts
by wazoox (Prior) on Jul 31, 2009 at 21:35 UTC
    Why you'd want to delete an account on some website where you came for a long time is beyond me. You're sounding bizarrely agressive there.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: monkdiscuss [id://784702]
Approved by Argel
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others exploiting the Monastery: (3)
As of 2021-05-13 10:30 GMT
Find Nodes?
    Voting Booth?
    Perl 7 will be out ...

    Results (134 votes). Check out past polls.