This sounds like a great idea!
I have the feeling that many people are not clear on the ability to configure vesting withdrawal routes and so having a tool to clear custom configurations like this could be very useful to hacked accounts.
I visited the page but don't have an account to test with right now. Does the site use steemconnect, and if not, would it be possible to use steemconnect? I think that people would be perhaps more willing to use the tool if this 'trusted' mechanism was in place.
Good stuff @noblebot :)
The idea behind this tool is to remove hacker's account (red marked in the picture) from the Authorities of victim's account so that the hacker can not access the account when master password is changed. We need to use private active key for that. I do not think SteemConnect let users updated their active authorities, and set vesting routes, then only let users change posting authorities. I could be wrong though.
This tool should only be used if a hacker updates active authority and/or changed vesting withdrawal routes.
.
I was wrong then but I found out it can be done as I mentioned here.