Mid-week update ahoy! Gonna stay brief since I’m absolutely worn out from multi-tasking.

I’ve been mostly focusing on improving the general account security offered from our end. It is clear that we weren’t doing enough to ensure users protect their own accounts, so I increased the minimum password requirements and am taking many furhter measures to reduce the possibility of accounts being reposessed by bad entities. Not quite ready to give full details, but I will when I can!

The hardest problem is finding a balance between convenience and security. While I now have everything in place to require two-factor verification across the board, I’m still working out fine details to ensure it is only presented when of upmost necessity. A fine line, but I’m getting to the point where I have a bit of confidence in my strategy.

Along the way, we found out just how many people used fake email addresses or didn’t keep their osu! account up-to-date, so no longer have access to their registered address. While we initially handled these queries manually, it became clear by the point we received over 1,000 support tickets in 24 hours that this was not a viable solution.

Therefore I’ve been working on a semi-automated email recovery system, which should (in most cases) give us enough information to ensure only the actual account holder will be able to take full control over the account.

As always, I strive to have everyone’s best interest at heart and want to continue to provide a safe and enjoyable environment for people to connect, relax and recover from the daily grind.

I hope to finish work on account security modifications this week so I can once again focus my development time on things that matter… like getting osu!next out by the end of this year (I’m sure you’re all aware how unlikely that is now >_<).

A few things to note: