(Idea) Send Annual Security Reminder Emails #883
Labels
No Label
administration
Akkoma
Android
Bare metal
bug
Communication
Community
Cryptpad
Discussion
Documentation
duplicate
enhancement
etherpad
Feature request
Feedback
finances
Fixed
forgejo
fun_project
Goal 2024
help wanted
Howto
In progress
🤔️ Investigate
ios
jitsi
lacre
Lacre Test
ldap
Lemmy
LibreTranslate
low prio
Lufi
macos
Mail
Merch
monitoring
movim
needs_refine
New Auth
Nextcloud
nice to have
on hold
proposal
question
Ready
refined
Roundcube
searX
spam-protection
Staging Server
Themes
TOR
Urgent!
Website
windows
wontfix
xmpp
Yearly Report
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Disroot/Disroot-Project#883
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
It would be nice if the system automatically sent an email at least once a year reminding each user how their account is currently set up for passwords. This will give them a chance to review their security questions, or their backup email address.
Forgotten passwords pose a substantial danger in environments where admins cannot retrieve/reset accounts, and it is only human to forget details that one entered years ago.
One one hand yes nice idea but I wonder if this will not be seen as spam or make people less alert when getting actual spam. There is plenty of such spam emails flaying around the net and disroot users also sometimes get those phishing mails (like "your account needs update change or it will be blocked etc). Currently until rolling out new authentication system/self service center I wouldn't do anything like this. At least as long as we plan and hope to roll new auth system in near future. If we fail to deliver on this (or have at least work on advanced level) we could re-open this.
I will put it on hold for now, so we can check it when time's relevant.