this post was submitted on 25 Jul 2023

[–] Kinglink@lemmy.world 0 points 1 year ago* (last edited 1 year ago) (1 children)

There are three big problems with this.

A. You're now allowing people to hop, and even name change. Let's say they'll allow that. But I think both of those are things that will have to be agreed upon if it's done at all.

B. You're missing the password. Every instance should have a unique salt, passwords should NEVER be reversible, and never be stored insecurely (AKA before salting the hash for instance). I use a different password for every site, but I've had sites tell me "Your password is X" ... holy shit that's a HUGE security flaw for multiple reasons.

So if I'm migrating and don't need to set a new password, that'd be questionable.

C. This can be done unscrupulously. If I get control of someone's account, I can migrate it and essentially steal all their accounts and posts. For 99 percent of us who cares, but let's say there's a post from "Justin Bieber" and I get his account, migrate it, use a new password, and now make his posts say "I don't suck cocks"...

It's probably more important when it's a big game studio who posts updates and such to Lemmy somewhere, but the point is accounts will have a huge value eventually, letting you migrate it with a click might be dangerous.

[–] crystal@feddit.de 0 points 1 year ago

A. If you want to hop you can already just create a new account. What's the issue with taking ownership of your posts with you?

B. Just migrate the salt, too. A server can have per-user salts, which may be migrated together with the hash.

C. If you already have control over someone else's account, what additional benefit does migrating serve?
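
Point B of this exchange, as an added example that is not part of the thread and is not Lemmy's code: a per-user salt stored next to the hash lets the new instance verify the old password without ever seeing it, while a server-wide secret that stays behind breaks the login. The record layout, the scrypt parameters and the names `create_record`, `migrate`, `verify` and `instance_secret` are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import os

# Assumed scrypt cost parameters; they travel with the record so the
# receiving instance derives the key exactly as the sending one did.
SCRYPT_PARAMS = {"n": 2**14, "r": 8, "p": 1}


def _derive(password, salt, params, instance_secret=b""):
    # Optional server-wide secret (the "unique salt per instance" idea),
    # mixed in with HMAC before the slow, per-user salted hash.
    keyed = hmac.new(instance_secret, password.encode(), hashlib.sha256).digest()
    return hashlib.scrypt(keyed, salt=salt, dklen=32, **params)


def create_record(password, instance_secret=b""):
    """What the old instance stores: no password, only salt, params and hash."""
    salt = os.urandom(16)  # per-user random salt
    digest = _derive(password, salt, SCRYPT_PARAMS, instance_secret)
    return {
        "alg": "scrypt",
        "params": dict(SCRYPT_PARAMS),
        "salt": base64.b64encode(salt).decode(),
        "hash": base64.b64encode(digest).decode(),
    }


def migrate(record):
    """Hypothetical transfer: serialize on the old instance, parse on the new."""
    return json.loads(json.dumps(record))


def verify(record, password, instance_secret=b""):
    """Login check on whichever instance holds the record."""
    salt = base64.b64decode(record["salt"])
    expected = base64.b64decode(record["hash"])
    actual = _derive(password, salt, record["params"], instance_secret)
    return hmac.compare_digest(actual, expected)  # constant-time comparison


if __name__ == "__main__":
    moved = migrate(create_record("constructed-sample-password"))
    print("login on new instance:", verify(moved, "constructed-sample-password"))
    keyed = migrate(create_record("constructed-sample-password", b"old-instance-secret"))
    print("without old secret:", verify(keyed, "constructed-sample-password"))
```

The migrated record is still an offline-guessable password verifier, so the transfer channel and the receiving instance need the same protection as the original user table.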