I fully agree Jeremy. In this case I also cannot see what the security problem
toggle quoted messageShow quoted text
is which is supposed to be being solved. Only the invitee receives it, and even
if they ask for trouble by forwarding it to someone else, responding to it only
results in acceptance of the invitation by the original invitee. I don't see
how it can give access to his/her account or to the system to anyone else. It
isn't like a login link, which could do that.
On 16 Apr 2021 at 5:19, Jeremy H via groups.io wrote:
While having invites last, unexpired, for ever is not desirable, having them
expire after only 24 hours goes far too far to the other extreme. As others have
said, many people - not just the less tech inclined - do not look at, or respond
to e-mails every day - and it is unreasonable to expect them to do so. Nor is an
invitation to join a group the sort of thing necessarily calling for an instant
So I would regard 14 days as a minimum, before they expire. And when they do, I
would suggest that their status be changed to expired (or something like it).
Nor I do not think there should any subsequent automatic deletion (or at lest,
not for years); rather they should stay (and able to be resent) until manually
cleaned up (and a deletion tool to assist this, based on status and time, would
be very useful),
On Thu, Apr 15, 2021 at 09:53 PM, Mark Fletcher wrote:
I've made the following changes:
- We no longer will delete invites after 14 days.
- Invite links will expire 24 hours after the invite has been sent. That
means clicking the link or replying to the invite email will no longer
work, and you'll get an error message instead.
Please let me know if you have any questions.