pidgin: b05f9366: Password reenter prompt only for account...
elb at pidgin.im
Fri Jul 3 15:53:46 EDT 2009
Mark Doliner spake unto us the following wisdom:
> On Fri, Jul 3, 2009 at 10:24 AM, Sulabh Mahajan<sulabh.dev at gmail.com> wrote:
> > Since we are discussing, why do we ask the user to reenter password only for
> > the accounts that do not save the password. Why don't we do so for those
> > accounts where password is saved. If the server is saying that password is
> > incorrect, user will have to eventually change the password.
> I think maybe the reasoning might have been that if the user is saving
> their password then they've probably had their password set correct
> for a long time, and it is more likely that the server has a bug and
> is incorrectly telling us our password is wrong even though it isn't.
> And in that case we don't want to force the user to re-enter their
> password. I'm not sure that's really a valid concern, and I'm in
> favor of always setting the password to NULL for all protocols.
While I have no strong feelings either way on this matter, I will
point out that a lot of users have no idea what their password is, and
if we go around deleting it, they may never be able to log in again.
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 481 bytes
Desc: Digital signature
More information about the Devel