Re: Passwords

I don't think you have to worry about being seen as spammy for a single
email about a major site infrastructure change that affects user accounts.
 If you were sending emails about every stage of the update, that would be

I would add my vote to Jen's suggestion that the request should be
presented in the form of an announcement about how great it is that you now
only need one password for the whole site.

I'd say that's still true even if the roll-out is in stages, but then you
have to be really clear about what's covered:

* we're working on creating a single-sign-in system to make it easier to
participate in;
* go to this link to set up your password for the new sign-in;
* that new password will apply immediately to sign-ins for wiki edits and
for page comments;
* in the future it will also be your log-in to the issue tracking system
and the Wordpress blog.

Then, all the log-in pages should have some brief information about the
change and *a clear indication of whether to use the single-sign-in
password or the old feature-specific log-in.*

However, even with all that, I would expect that many people (who only use
the site occasionally) won't rush in and reset a password immediately, so a
key aspect of the strategy should be that the new log-in page would, for
the medium term, also have a way for people to type in their email or old
login ID and get the password reset email resent.

That wouldn't have to persist indefinitely -- it's not really a big deal if
someone who only makes an edit to the site once a year ends up having to
create a new account not linked to their old one -- but you don't want to
irritate occasional users.  If it's a hassle to contribute, many people


Received on Saturday, 26 April 2014 15:37:09 UTC