[Catalog-sig] Mandatory Reset of PyPI Passwords
M.-A. Lemburg
mal at egenix.com
Wed Feb 13 13:27:29 CET 2013
On 13.02.2013 13:13, Antoine Pitrou wrote:
> Richard Jones <richard <at> python.org> writes:
>> 3. send email to all registered users indicating that all users must
>> change their password and a forced reset will take place in a week's
>> time for users who have not done so, and
>
> What about users who've already changed their password?
Depending on the number of users you might rather want to use
a banner on the website and a blog post instead of emailing
them directly.
Given the >11k users on the Python wiki, we chose not to send
out emails... just think of the number of emails with questions
you'd get and have to answer.
Regarding the timing, I'd use a longer period. People don't
do releases every two weeks and you normally don't check in
to PyPI to search for a package.
--
Marc-Andre Lemburg
eGenix.com
Professional Python Services directly from the Source (#1, Feb 13 2013)
>>> Python Projects, Consulting and Support ... http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/
________________________________________________________________________
::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48
D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
Registered at Amtsgericht Duesseldorf: HRB 46611
http://www.egenix.com/company/contact/
More information about the Catalog-SIG
mailing list