Sort:  

The 30 day limit was always a part of the password recovery.
To sell an account, you hand over the password and the new owner changes it. With the recovery function, the old owner could just change it back. So right now a 30 day escrow is used for those deals. That's a rather long time window already, in favour of those that need to recover from a hack.

If the limit were just removed now, any previously made account trade could be reverted by the old owner. So that's not possible.

I understand the reasons for security. I think there could be provisions added to this 30 day limit that would protect those who can prove ownership of accounts if they are not successful in recovery for circumstances beyond their control after the time frame ended. It is something worth considering. At the time I tried account recovery during those initial 30 days, no box appeared telling me I had a 30 day limit the way it does today. If it was written in Steemit's protocol, it was not clear to the new user trying to recover his or her account at the time.

You are right. Thinking about it, something like re-enabling the recovery option after a year without outgoing transactions could be a fine solution. I'll try to start an "internal" discussion about it, let's see if it leads anywhere.

//edit: so that's a clear statement. steemit inc feels not responsible. And in some way it's understandable, regarding their workload and the complexity of a change like that. I don't know who else would be capable to modify the recovery feature, which could be a last straw. Good luck.

sneak
8:09 PM
long story short: nothing we can do about it. it's her account, not ours. keeping keys safe is the responsibility of everyone who uses a blockchain of any kind.

//edit2: Not so fast! @ned seems to like the idea I proposed. Still good luck! ;)

Thank you. I hope we can come up with a solution that makes everyone happy.

hey u know U made an account callled @steemitescrow just for stuff like this and wanted trusted whale to hand it over to! would u like it?
ii also gave an account ito someone who diidnt wana wait when we first had a waiting list, and i helped @cryptocoinupdate by handing him over the eys dierctly tho aand i deleted them and he changed password, should i have waited and gone thru escrow? and et me know i u would like the @steemitescrow account i am glad i registered it before someone bad might haave!

Hey, thanks for the offer, but that account name is not something I use.
It's a pretty specific, yet important, issue - steemit is just steemit.com, which is run by a U.S. company. I don't wanna affiliate with them by using an account named the same.
It was a great idea to register it, I'd recommend to just let it sit there and do nothing.

Handing over an account to a friend is fine, escrow is only needed if you buy one. The old owner has 30 days in which he can change the password back using the old.