• RubberElectrons@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    17 days ago

    Ah yeah, I’d forgotten about that.

    I’m certain the engineering team considered it, but I wonder why they didn’t pursue having accounts that haven’t signed in for a while issue a notice to the sender, or even have the account deactivate itself.

    Make an opt-out default, you could disable that behaviour if your threat model needed to account for that 🤷