Implement an automated recovery system for Paid Account holders

[gerg]

Title
Implement an automated recovery system for Paid Account holders

Short, concise description of the idea
LiveJournal should implement a system where users who have paid for their accounts can recover access to their account by providing payment information.

Full description of the idea
LiveJournal can sometimes manually verify the identity of somebody who's forgotten their password and lost access to their e-mail account by asking the user for information about a payment they've made to LiveJournal in the past.

This process is time-consuming for the staff that can handle it, and not reliable for users (many of whom don't even know that it's an option.)

LiveJournal should implement a system by which a user who has not logged into their account for 7 days (to prevent someone who, say, steals a user's wallet from taking their LJ account (can't you just picture the "24" episode now?)), who had a Paid Account that LiveJournal still has payment data on, will be directed to a special page after entering their username on the Lost Information page.

This page will ask the user to input the relevant payment information (credit card number and billing ZIP code, or whatever LiveJournal currently uses to do these verifications,) and automatically check if it matches a previous payment stored in LiveJournal's database. If so, the user will be permitted to reset the e-mail address and password of the journal, and will also see a screen with a stern lecture regarding keeping their account's e-mail address up to date. All of the validated e-mail addresses on file with the journal will receive an e-mail informing the user that this process has been done, and giving them 48 hours to click a link in the message if they did not authorize the recovery attempt. This link would then prevent that particular payment information from being used to authenticate journal ownership in the future. After 48 hours, an e-mail would be sent to the new address informing the user that they've regained access to their account.

Note: I'm not suggesting LiveJournal start collecting and storing any financial data that isn't already stored. I doubt that LiveJournal stores actual credit card numbers in their database, but likely a one-way hash of them instead.
An ordered list of benefits

• Users who lose access to their account may be able to recover it.
• Less demand on LiveJournal staff, who can devote more time to other responsibilities.
• Offers users another incentive to purchase a Paid Account (the possibility of recovering an account should you lose access to your e-mail address.)

An ordered list of problems/issues involved

• Possibility for someone (i.e., ex-spouse/SO) hijacking accounts through knowledge of financial information that was used to purchase the account.
• Many users would be unable to use the option, since LiveJournal can only access data from certain payment processors.
• May result in increased workload for payments support staff if the option to do payment verification isn't presented to someone who thinks they should be able to use it.