Please keep the _sysop_ accounts with empty/trivial
passwords blocked
indefinitely -- now people know they exist, they can easily be searched
for by any potential cracker, with potentially disastrous effects.
Agreed.
Perhaps some of these trivial-password sysop accounts
could be
re-activated manually on request, if they have an E-mail address that
can be manually or automatically verified by an E-mail exchange with the
purported owner? Otherwise, it's going to be quite difficult ever to
verify ownership for these accounts, and they should probably remain
locked indefinitely.
Tough. Besides, I fear it would be all too simple to reclaim ownership
of an account that wasn't yours by doing a nice little email exchange,
as described. How would you prove that you were that person? Too many
what-ifs.
Rob Church