The suggested change is already in production, and at least the page is now not entirely misleading :)
I'll leave the bug open because I agree that it's worthless for non-Canonical employees (but that was potentially the case before, anyway).
I was thinking about postponing further updates until we have the 2fa backup enforcement measures in place (lost your device? use your backup device to log in and delete the lost device immediately), and we can definitely think about messaging for people to report lost devices if they're not in a position to delete them swiftly.
This still falls in the "we cannot act on unverified action requests" bucket, so anything we do would need to take that into consideration. When the user is in a position to prove their identity more positively (via ssh/gpg key or backup device) they are also potentially in a position to self-delete the compromised device.