On 14/11/11 22:18, Merlijn van Deen wrote:
This message is actually not true. Visiting the page is /not/ enough to reset the trigger: you /also/ have to log in! And considering it is only a welcome message, there is no reason to reply, and thus no real reason to log in.
The welcome message might actually be *detrimental* in these cases: if the welcome message is not posted, the next message - hopefully one which requests a reply - will be the one to trigger the e-mail.
One possible way to improve this would be to add information to the url, which links to the user (i.e. add ?token=abcdefg to the url) - but I don't know if this is a good idea in terms of privacy.
Best, Merlijn
That was the only clear thing to improve I concluded so far from this thread. If we are sending https: links in the emails (which we should), there should be no problem with it. Of course, other wikis should be able to not provide that token for watchlist links. (Although just the normal link pluys a bit of timing is probably incriminating enough)