On 07/01/16 16:50, Radislav Golubtsov wrote:
Please don't judge him strongly. I claim, yesterday (as I carefully [...]
Nobody judges him, I'm sure. Or at least I agree with you nobody should. It's not really a matter of judgement, it's just about good practices. We certainly should do better than some big companies, who claim to be at the forefront of Internet security, and yet "authenticate" users with silly methods like the last four numbers of a credit card number. I'd rather prefer them piss me off by saying "We're really sorry, but we can't help you regain access to your account, unless we can reliably authenticate you. Please understand that this is in your own interest!" Speaking of which, it's probably a good time for everyone who uses PGP, but hasn't yet put their fingerprint in AUR, to do it now. Of course, one could lose their private PGP key either, but then their AUR access will be the least of their concerns, I'm sure. And for those who don't use PGP, it might be a good time to start. ;) Cheers, Luchesar