Yahoo! Deactivation Design Issue

October 20, 2010 at 21:44 (web dev)

Although I would like to reproduce this behaviour to be sure it wasn’t a fluke, today I discovered what I consider a design flaw in Yahoo!’s automated account deactivation logic. On the one hand, there is an option during login to “Keep me signed in”, which will keep the user signed in indefinitely on that computer and browser until cookies are cleared or the user signs out. On the other hand, there is a policy to deactivate accounts for which the user has not signed in for some set period of time. The problem is that one can be using Yahoo!’s services every day without signing in, and then suddenly discover that the account has been deactivated when signing in on another computer. While my experience with this problem resulted in no data loss, it was still a bit unnerving. What if that archive of emails and contact information going back several years had been lost?

I plan on reporting this to Yahoo! as soon as I can reproduce it to be positive it is a consistent problem.

Web developers beware! If it can happen to a large corporation with vast resources, maybe it could happen to you too.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: