Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Users Search
Help Dashboard Sign In Sign Up
Q&A Blog
Q&A
Posts Tags Edits
Ask Question

Welcome to Codidact Meta!

Codidact Meta is the meta-discussion site for the Codidact community network and the Codidact software. Whether you have bug reports or feature requests, support questions or rule discussions that touch the whole network – this is the site for you.

Comments on Please allow a user to permanently delete their account

Parent

Please allow a user to permanently delete their account

+8
−1

Please allow a user to permanently delete their account, without the current mechanic of writing an email to the support, writing another email for approval, etc.

Please just have a simple button to permanently delete the account.

feature-request
posted almost 2 years ago
2y ago by Zakk‭
deleted user
History
Why does this post require moderator attention?
You might want to add some details to your flag.
Why should this post be closed?

3 comment threads

Deletion itself needs some changes too. (3 comments)
I completely agree with you. 1. You own your data. 2. Your account is your data. 3. (1)+(2) => Y... (5 comments)
Probably a dupe (1 comment)
Post
+8
−1

The current email path (and asking you to prove you control the account, because email can be spoofed) is a stopgap. We do want to allow you to delete an account more directly. If you could make the request from the site, for instance, then the fact that you're signed in would already demonstrate control of the account, so we could skip that confirmation step.

It's not quite as simple as "just delete the account on request", because we want to have some mitigation for abuses like serial spam/trolling. If you delete and immediately re-create an account, for instance, that's something we would want to be able to record, so that we can tie the activity of the two accounts together internally. We haven't built that tooling yet, or even worked out what exactly it should include, so currently account deletion includes somebody taking a quick look for suspicious activity first.

We want to give community members as much control as possible; it's part of our raison d'etre. We also want to protect communities from "easy" abuse, because supporting communities is also part of our raison d'etre. I'm sorry we don't yet have better tooling for the latter that would help the former, but we do aspire to get there. We're not trying to nanny or second-guess you; this is just the best we can do right now. It's not ideal and it doesn't scale.

Upodate (2022-12-28): we now have soft deletes, which mitigates the abuse concerns (the data is still in the database, just not shown). The remaining piece is a "delete profile" option for the user, which should probably send email with instructions for how to change your mind and maybe a time limit for doing so.

posted almost 2 years ago
1y ago
user card
Monica Cellio‭ staff
62 350 2125 785
History
Why does this post require moderator attention?
You might want to add some details to your flag.

1 comment thread

-1 because > What are the types of DOM nodes? > It's not quite as simple as "just delete the ac... (8 comments)
-1 because > What are the types of DOM nodes? > It's not quite as simple as "just delete the ac...
deleted user wrote almost 2 years ago · edited almost 2 years ago
copy link

-1 because

It's not quite as simple as "just delete the account on request", because we want to have some mitigation for abuses like serial spam/trolling. If you delete and immediately re-create an account, for instance, that's something we would want to be able to record, so that we can tie the activity of the two accounts together internally.

That's not recording, it's two different accounts created in some time gap.

It's not the user's fault if you don't check for IP/cookies/content interest/whatever.

95% of the application I ever used give an option to permanently delete an account, even Facebook (which only limits it to 30 about days of on-hold state before total deletion).

Monica Cellio‭ wrote almost 2 years ago
copy link

If we did "on hold" then we could do it immediately (as visible on-site). That's a good point.

I'm not sure what you mean about IP/cookies/content interest and DOM nodes.

Zakk‭ wrote almost 2 years ago
copy link

Monica Cellio‭

If you could make the request from the site, for instance, then the fact that you're signed in would already demonstrate control of the account, so we could skip that confirmation step.

Yes, and a Delete Account button does just that. Much better than sending an email.

we want to have some mitigation for abuses like serial spam/trolling.

Well, you can have that with a Delete Account button!! For example, queueing the request for later processing. This will serve as a base for future automation, if it cannot be done at the moment.

Zakk‭ wrote almost 2 years ago · edited almost 2 years ago
copy link

deleted user

It's not the user's fault if you don't check for IP/cookies/content interest/whatever.

I agree. But apparently, this process is not yet implemented. And it should be.

deleted user wrote almost 2 years ago
copy link

Monica Cellio‭ I understand that you could examine IP addresses, browser cookies (perhaps) and also fields of interest of the alleged "troll" or "spammer" or "abuser" and then reach a finite conclusion among yourself community managers if any block is required, if at all.

Monica Cellio‭ wrote almost 2 years ago
copy link

Adding a "Delete" button that soft-deletes the user immediately (in the UI) and queues the actual deletion (in the DB) for later seems like a good solution to me. I agree we should have it; my answer was to explain why "delete for real right now" isn't implemented yet. We do want to make this more self-serve.

deleted user wrote almost 2 years ago
copy link

Monica Cellio‭ if I understand you correct you support adding a user account deletion with "grace period" ASAP.

Zakk‭ wrote almost 2 years ago · edited almost 2 years ago
copy link

Monica Cellio‭ Unfortunately(1) (and fortunately(2)), I can't jump into the codebase and help.

1 Because I don't know Ruby.

2 Because I don't know Ruby.