Please keep the _sysop_ accounts with empty/trivial passwords blocked indefinitely -- now people know they exist, they can easily be searched for by any potential cracker, with potentially disastrous effects.
Agreed.
Perhaps some of these trivial-password sysop accounts could be re-activated manually on request, if they have an E-mail address that can be manually or automatically verified by an E-mail exchange with the purported owner? Otherwise, it's going to be quite difficult ever to verify ownership for these accounts, and they should probably remain locked indefinitely.
Tough. Besides, I fear it would be all too simple to reclaim ownership of an account that wasn't yours by doing a nice little email exchange, as described. How would you prove that you were that person? Too many what-ifs.
Rob Church