Site Maintenance and security updates discussion

Due to security and database integrity concerns, we intend to institute a password change across the board for every account on March 31st.  After that point, your password will be reset and you will need to request a new one.  

This servers several purposes, including helping to prune older non-used and duplicate accounts.  We also intend to prune users who have not logged in for over 365 days.  We also need to consider pruning forum threads which have not been updated for 365 days.

VERY IMPORTANT : Check your account to make sure that the e-mail address is correct and up to date.  With one month's worth of advanced notice, when your password is reset, if your e-mail address is not correct, you will simply be out of luck.  You DO NOT have to make your e-mail address visible to the rest of the world, but your account MUST contain the correct e-mail address.

[Piru]

We also intend to prune ... forum threads which have not been updated for 365 days.

Is there any particular reason for this, other than cleaning up the system?

I would imagine several historical and otherwise important threads could get pruned. For example I often use search function to find a link to older thread that already covers some particular topic.

[cecilia]

Piru wrote:
I would imagine several historical and otherwise important threads could get pruned. For example I often use search function to find a link to older thread that already covers some particular topic.

this disturbes me as well. there are some threads that I have listed in my "Notifications" that are there for occassional perusal (and laughs).

while there isn't much left to say in those threads, they still provide a use. at least to me.

[whabang]

How about just pruning the coffee house?

Notice updated and adjusted.

[ltstanfo]

Everyone,

The security password change has been needed for some time, especially in regards to certain users who claim that their accounts have been hacked.  I am glad to see that Wayne is taking action on this item.

With respect to cleaning up the forums database, it has become quite large and really should be optimized.  I do tend to agree with others here about some of the forums needing to be maintained for archival purposes (AMIGA related) so I would like to suggest to Wayne that only the Coffee House forums be cleaned up, using the rule he listed.

Regards,
ltstanfo

[bloodline]

ltstanfo wrote:
With respect to cleaning up the forums database, it has become quite large and really should be optimized.  I do tend to agree with others here about some of the forums needing to be maintained for archival purposes (AMIGA related) so I would like to suggest to Wayne that only the Coffee House forums be cleaned up, using the rule he listed.

Aye, probably for the best... Maybe keep sock related threads though... ;-)

I apologize if I have been less than clear on the password reset.  Here's how it will work:  

On March 31st, I will reset all passwords on all accounts to a random password.  You will have to use the lost password function to request a new password to be sent to you.  If your e-mail address in your account is not valid, your account will be unable to get a new password.  We will NOT hand out manually new passwords to those who forget to update their e-mail address ahead of time.

If you do not have a valid e-mail account (as is the case with most bogus accounts, your account will -- in essence -- become unusable.  You have over a month's worth of advance notice, there is no acceptable excuse for not following through.

[dammy]

Wouldn't it be more prudent to drop xoop and go with something that is proven, like slashcode?

Dammy

I wouldn't mind going with something else, but a slashdot style site is the very opposite of what we need.  Was looking at another package as you may remember, but the amount of work involved means it would be far easier just to dump everything and start all over again.

If people are upset at the need to prune the forums, God forbid we think about going with some other package.  It would be anarchy.

On the positive side, such a "reboot" would allow us to both refocus the site and to get rid of several of the problems we suffer from now.

Thoughts?

Wayne

[Trooper]

What about Invision Power Board, A lot of forums use that package and it`s very easy to use from a user (ie forum members) point of view.

Trooper

Though Amiga.org (and indeed the Amiga community) may be a shadow of what it once was, it's not just a forum.

[RacerX]

by Wayne on 2005/2/23 12:46:28

I apologize if I have been less than clear on the password reset. Here's how it will work:

On March 31st, I will reset all passwords on all accounts to a random password. You will have to use the lost password function to request a new password to be sent to you. If your e-mail address in your account is not valid, your account will be unable to get a new password. We will NOT hand out manually new passwords to those who forget to update their e-mail address ahead of time.

If you do not have a valid e-mail account (as is the case with most bogus accounts, your account will -- in essence -- become unusable. You have over a month's worth of advance notice, there is no acceptable excuse for not following through.

A couple of quick questions:

1)  After we get the new random password via E-mail, can we log onto our accounts and change the password back to what it was?  Or does it have to be different?

2)  If someone doesn't get his new password (say he doesn't check his E-mail for a month) couldn't he log on as a new user and make a new account?

[Argo]

Ack, No...
Also, we're not a forum site.

[yogisumo]

Questions:
   1) How large is the database?
   2) Is is possible to "export" in a reduced/changed format?
   3) Would it be possible to allow access to it in "archived" format?
   
   This would allow you to move to different software and still allow access to "archived" versions of the old database.

Just a thought...