I like this option far less than my suggestion that anyone who wanted to disable password resets would have to upload a PGP or SSH key first.
I suppose if people are so concerned about disabling password resets, then it isn't
really unreasonable to expect them to send public keys to you instead. You do need a solid
way of identifying them somehow, and this is inherently more secure than relying on human
verification of potentially faked image data.
It also removes a lot of the risk involved in the verification process… either a key
matches or it doesn't, but visually verifying images is a much more fuzzy situation.
--
Aaron B. Russell
http://unadopted.co.uk
+44 20 3137 4147
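The "either a key matches or it doesn't" check described above, as an added example that is not part of the original message or any project it refers to. It assumes the uploaded key is an Ed25519 SSH public key in authorized_keys form; the account name, action label and challenge format are constructed for illustration. The server stores the key line at upload time, later issues a single-use challenge bound to the account and the requested action, and accepts the action only if the signature verifies against that stored key, so there is no fuzzy judgement call anywhere in the path.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// GenerateKeyPair creates an Ed25519 key pair. The user keeps the private
// half; only the public half is uploaded to the service.
func GenerateKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// EncodeSSHEd25519PublicKey renders a key in authorized_keys form:
// "ssh-ed25519 <base64 blob> <comment>", the blob being the SSH wire encoding
// (uint32 length-prefixed "ssh-ed25519", then the length-prefixed 32 key bytes).
func EncodeSSHEd25519PublicKey(pub ed25519.PublicKey, comment string) string {
	var blob []byte
	for _, field := range [][]byte{[]byte("ssh-ed25519"), pub} {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(field)))
		blob = append(append(blob, n[:]...), field...)
	}
	return "ssh-ed25519 " + base64.StdEncoding.EncodeToString(blob) + " " + comment
}

// ParseSSHEd25519PublicKey does the reverse, rejecting anything that is not a
// well-formed ssh-ed25519 line (wrong type, bad base64, truncated or trailing bytes).
func ParseSSHEd25519PublicKey(line string) (ed25519.PublicKey, error) {
	fields := strings.Fields(line)
	if len(fields) < 2 || fields[0] != "ssh-ed25519" {
		return nil, errors.New("not an ssh-ed25519 public key line")
	}
	blob, err := base64.StdEncoding.DecodeString(fields[1])
	if err != nil {
		return nil, fmt.Errorf("bad base64 in key blob: %w", err)
	}
	next := func() ([]byte, error) { // read one length-prefixed SSH string
		if len(blob) < 4 {
			return nil, errors.New("truncated key blob")
		}
		n := binary.BigEndian.Uint32(blob)
		blob = blob[4:]
		if uint64(n) > uint64(len(blob)) {
			return nil, errors.New("truncated key blob")
		}
		s := blob[:n]
		blob = blob[n:]
		return s, nil
	}
	algo, err := next()
	if err != nil {
		return nil, err
	}
	if string(algo) != "ssh-ed25519" {
		return nil, errors.New("key blob algorithm does not match line type")
	}
	key, err := next()
	if err != nil {
		return nil, err
	}
	if len(key) != ed25519.PublicKeySize || len(blob) != 0 {
		return nil, errors.New("malformed ed25519 key blob")
	}
	return ed25519.PublicKey(key), nil
}

// NewChallenge issues a fresh single-use message binding a random nonce to the
// account and the sensitive action, so a captured signature cannot be replayed
// for another account or another action. The format is a constructed one.
func NewChallenge(account, action string) ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return []byte(fmt.Sprintf("v1|%s|%s|%x", account, action, nonce)), nil
}

// SignChallenge is the client-side step performed with the private key.
func SignChallenge(priv ed25519.PrivateKey, challenge []byte) []byte {
	return ed25519.Sign(priv, challenge)
}

// AuthorizeWithKey is the server-side decision: the stored key either verifies
// the signature over the exact challenge that was issued, or it does not.
func AuthorizeWithKey(registeredKeyLine string, challenge, signature []byte) (bool, error) {
	pub, err := ParseSSHEd25519PublicKey(registeredKeyLine)
	if err != nil {
		return false, err
	}
	return ed25519.Verify(pub, challenge, signature), nil
}

func main() {
	pub, priv, _ := GenerateKeyPair()
	line := EncodeSSHEd25519PublicKey(pub, "alice@example") // stored at upload time (constructed)
	challenge, _ := NewChallenge("alice", "disable-password-reset")
	ok, err := AuthorizeWithKey(line, challenge, SignChallenge(priv, challenge))
	fmt.Println("registered key verifies:", ok, err)
}
```

The parser is deliberately strict: a key line whose blob carries a different algorithm name, is truncated, or has trailing bytes is refused at upload time rather than silently accepted, which keeps the later verification a pure yes/no on the key the user actually registered.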