2007/4/29, Thomas Dalton thomas.dalton@gmail.com:
Wikipedia should be more user friendly than that. No need for us to act like BOFHs.
Do you have a suggestion for how to handle it? If we can't confirm someone's identity, we can't give them access to the account, however friendly we may be.
Well, to make the request one would have to know that it's an account that is hit by the measure. That means that either one knows the password is equal to the login name, or one has guessed it. In the first case they are the correct person. In the second case, they basically have done some password cracking, which even with an easy password is not a trivial thing. I would say that for an active account, if there is only one request within a reasonable timespan, it would be safe to assume it comes from the user him/herself. For inactive accounts I would say "too bad, get a new one."