duckboycool wrote:

I agree with this, but the problem is that most people use the same password for things like Scratch as they would things like their e-mail, so it may not be the most effective.

WolfCat67 wrote:

Isn't that what the “2-day-sign-in” thing is? If you press “Delete your account”, then signing in within the next 48 hours will immediately stop that account deletion request.

VideoGamerCanInvent wrote:

If you mean the email you used to create the account, then no support.

If your account were to get hacked, they would simply go into Account Settings and take a look at your email, making the removal of your account.

(Possibly) No Support

VideoGamerCanInvent wrote:

If you mean the email you used to create the account, then no support.

If your account were to get hacked, they would simply go into Account Settings and take a look at your email, making the removal of your account.

(Possibly) No Support

jromagnoli wrote:

VideoGamerCanInvent wrote:

If you mean the email you used to create the account, then no support.

If your account were to get hacked, they would simply go into Account Settings and take a look at your email, making the removal of your account.

(Possibly) No Support

They would have to hack your email, something tedious and hard to do.
Most people would stop then.

DeleteThisAcount wrote:

but I wana be able to delete my account easily

braxbroscratcher wrote:

DeleteThisAcount wrote:

but I wana be able to delete my account easily

It would be easy. You do what you do now, then you click the link sent to your email. Two steps.

DeleteThisAcount wrote:

braxbroscratcher wrote:

DeleteThisAcount wrote:

but I wana be able to delete my account easily

It would be easy. You do what you do now, then you click the link sent to your email. Two steps.

i like one step better

mario91100_TEST wrote:

This is simply a suggestion to add an e-mail confirmation before terminating an account. Currently, all you have to do is go to your account settings, and click the “I want to delete my account” link. Then, you have to click the “Yes, next step” button on the bottom of the page, enter your password, and your account is deleted. Really?

If somebody successfully hacked into your account, deleting it shouldn't be this easy. Adding an e-mail confirmation (sending an e-mail to a specified address, probably the one used to create the account) would increase security and make it harder for a hacker to delete your account.

Now this does come with an inherent flaw; what happens if you lose your email password? Well, there is generally a “forgot password” option attached to email services that allows you to recover a password in a variety of ways. If you don't have this set up, or are using a service without a “forgot password” option, then that's you own fault for forgetting your password; it's not related to Scratch, or the deletion of your account.

Original post wrote:

Title.

I don't visit the site much anymore, but, just out of curiosity, I went onto my now defunct NowhereCollabs account and decided to see what happened when I tried to delete it.

The only thing separating you and your account being deleted are two buttons and a password field.

Really? If someone were to hack into your account, this makes destroying your account forever ridiculously easy. A two day “sign-in-to-keep-your-account” period isn't going to stop most hackers. If they can crack your password once, and do it invisibly (read; no comments, no projects moved to trash, etc.), most will keep doing it until they succeed.

This method is incredibly flimsy and easy to get through, so I suggest adding an e-mail conformation before deleting an account, and having this conformation expire after two days or so, and upon acceptance, delete the account as the user wanted. This will make it harder for hackers to delete accounts maliciously, and make account deletion for those actually wanting to a bit faster.

UPDATE; We really should have an e-mail confirmation for e-mail changing, too, though that might need to be fiddled with as well, if you're changing your e-mail if you forgot the password to it. (Submitted in part by both Firedrake969 and scratchisthebest. Thanks, guys!)

Supporters (~30);

~snip, because it really doesn't matter~

EDIT 4/26/2017; New topic got merged with old one, bumped so the only topic could resurface; I didn't bump this post because I didn't want to risk necroposting.

EDIT 4/29/2017; No, this does not mean you simply enter your e-mail like you do your password to delete your account. It means that a confirmation e-mail is sent to the specified address, probably the one you used to make your account.