-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
With all of the password hacking that has been occurring, the issue of re-sysopping users is being discussed on WP:ANI.
For admins with PGP/GPG keys, one suggested method for confirming that the admin him or herself has regained control of the account (or is behind the new e-mail) is to use that key to verify the person.
Of course, this only works if the verification occurred before any hack attempts.
I know a number of you have encryption keys (all those pesky attachments and such) so in parallel with the discussion here: http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden... may not be a poor idea for some of us to either meet in person with out fingerprints, or at the very least perform encrypted challenge-responses with each other, to create a baseline for identification purposes.
Just a thought.
Avi