On 15-02-19 09:27 AM, MZMcBride wrote:
n a second or third iteration, we'd ideally have an intermediate post-login screen that allows the user to select an account to use.
That would be a catastrophe, from a privacy standpoint; even if we restrict this to verified email addresses, there is no possible guarantee that the person who controled email address x@y in the past is the person who controls it today.
It would also have horrid security implication if you allow further creation of accounts sharing an email (which would be necessary to make that feature useful): create an account with the email of someone you want to find the Wikimedia account of, log in, be presented with the accounts.
-- Marc