Re: [Savannah-users] Removing old user accounts with no past activity

[Karl Goetz]

On Thu, 30 Jul 2009 16:10:34 -0500
Nicodemo Alvaro <address@hidden> wrote:

> On 7/30/09, Sylvain Beucler <address@hidden> wrote:
> > On Thu, Jul 30, 2009 at 12:35:37PM -0500, Nicodemo Alvaro wrote:
> >> On 7/30/09, Sylvain Beucler <address@hidden> wrote:
> >>
> >> > We're talking about 30-40,000 users, sadly.
> >>
> >> Other than keeping accurate statistics, how will it help to remove
> >> a huge portion of the unknown registered users.
> >>
> >> If it is a hardware issue, I thought Savannah would be getting an
> >> upgrade sooner or later.
> >>
> >> If it is load issue on the database, is there no other way around
> >> this?
> >
> > I don't think there's any performances issue at stake.
> >
> > Keeping accurate statistics sounds important to me, if only to get a
> > clearer idea of far we can support non-full-automated features or
> > make exceptions.  The more users, the more work, the shier the
> > sysadmins.
> 
> The more users does not mean more support requests. More users making
> more support requests means more support requests. I would think that
> administrators may find it exciting that they are helping a site that
> supports 60,000 users. Those 60,000 users are also evidence that free

60K accounts != 60K users.
 
> > In addition I'm generaly in favor of trimming data that is not
> > useful, to prevent it from piling up. I think maintaining data
> > always has a cost, we're experiencing it when migrating the user
> > base to the new frontend in test.
> 
> Why was it not asked "What alternatives can we do to make our
> transition from the old to the new?"
> 
> I think that there must be another way around this. Managing users
> seems to be a recurrent problem across many different systems at the
> FSF. I would imagine that the volunteers could come up with a
> universal system. For example, Davi is working very hard to implement
> an XML-RPC service for GNU Herds and Savannah integration. Why can it
> not be done that there would be a central user account system, that
> Savannah or any other FSF approved system, authenticate against?

OpenID consumer support?

> >> Are there no other reasons someone would login to Savannah without
> >> keeping a record? How about to find the mailing list address of the
> >> project or to contact the developer privately? Some people may not
> >> prefer the system that savannah uses to track issues, so why force
> >> them out of these avenues. I forget which one, but some projects
> >> may not even use savannah's tracking system. Are they wrong to do
> >> this?
> >
> > It's not about enforcing a tracking system.  It just sounds weird to
> > have an account for a year and not having made a single comment in a
> > news or tracker item, and not being part of any project.
> 
> To me it seemed that the way around getting an account deleted forcing
> users into the tracking system in your reply to Randy's case.

Logging in is a good start when 'using' a service, if thats not
happening I wouldn't consider a person to be 'using' the site.
Hopefully $future_version_with_logged_in_field will help.

> > I did not remember about the e-mail obfuscation issues, you're right
> > that people may have registered accounts just to get that piece of
> > information (mailing lists adresses are present on the linked
> > mailman pages but that doesn't apply to the user contact info
> > indeed).
> >
> > So maybe we need to implement a way to precisely identify the "last
> > login" date before trimming accounts, even if they have no past
> > activity.
> >
> > I can however trace a subset of ~19200 accounts that weren't used
> > for the past 5 years - because their password was reset following
> > the 2003 crack and never changed since then.  1400 out of them have
> > a trace on the system.  I'm in favor of removing the other ones.

Not changing passwords could just be a sign of lazyness, rather then
disappearance.

Incidentally, are list memberships included in this checking? eg, if I
join a list 2 years ago, I'm still on the list, and dont bother to log
into the site, am I liable for deletion?
kk

-- 
Karl Goetz, (Kamping_Kaiser / VK5FOSS)
Debian contributor / gNewSense Maintainer
http://www.kgoetz.id.au
No, I won't join your social networking group

signature.asc
Description: PGP signature