Board Thread:General Discussion/@comment-294719-20130724192905/@comment-294719-20130726194606

Princess Platinum wrote:

Starfleet Academy wrote: That I like. :) I don't really give a stuff about my IP showing up. I'm more worried about a bot operating the kick button, while the cracker is leisurely resetting one's password.

Your system could be automatic if it weren't for users logging onto Wikia in multiple browsers.

Btw, if it's a "kick" button, it must be that: a kick; in other words 60 second block at the most.

I see this like every other security feature on the web, sadly. It's great until it's reverse engineered to become evil. :P Which it always will xD There would be systems in place to make sure accounts aren't hijacked with this feature enabled (or at least are able to be recovered very quickly). I already have a system on my main wiki to ensure that hijacked accounts can be stopped and recovered. Due to the way it's designed, that system could be used alongside the Session Manager to help recover a lost account by proving that the person requesting recovery of it is in fact the true owner of the account.