Deleting users who have never logged in
moggers87 opened this issue · comments
Matt Molyneaux commented
This should happen if a user hasn't logged in after 1 month of account creation.
It doesn't cost us anything to keep the data but in the event that there's a database leak and our password hash is bad (both unlikely, but it could happen) we would be putting users at risk if they reuse passwords (as so many do)