[stars & stripes forever]

IMO, some “new old timer post are from Woke children who came upon their parent’s login info.

[Lazamataz]

IMO, some “new old timer post are from Woke children who came upon their parent’s login info.

True, but two-factor authentication would prevent even that. The odds of a child having access to their parents phone is much less than just simple password/username entry.

Which actually brings me to another point: Logins should expire. Right now, once you are logged in, you stay logged in forever. That cookie or certificate should be set to expire, say, once a month.

[Charles Martel]

IMO, some “new old timer post are from Woke children who came upon their parent’s login info.

I think there's some of that going on, for sure. I remember when it was common for registered users' spouses or children to sometimes post without bothering to register a separate account (though usually they'd note it in the comment). Even if they forgot to post that "sub-user" identity, there was usually a different tone to those posts that readers would notice.

It might be wise to restrict posting privileges on accounts that have been dormant for a period of time - say, 90 days.

Trying to add dual authentication and other measures is a good idea for security, but our user base may not be receptive to that. It'll be tough to find middle ground.