What would he have done if he was able to break into one of the accounts he harassed?
Rather than dreaming up hypothetical scenarios about what he didn’t do (but maybe could have?), I am more worried about what a malicious blackhat will do without sending any PMs to anybody. Not “if”, but “when”.
Also, “harassed” is an interesting word for “gave sound advice,
which in some cases was sorely needed.”
Maybe he is doing what he said: Trying to help users to improve their account security, and ultimately to help the forum to tighten security. Maybe?
Maybe he should have written a thread about it rather than going around trying to break people's security, then threatening them via PM. Maybe?
...
I don’t vouch for him; but absent evidence of malice, there is no need for a conspiracy theory. And no need to rehash the first three pages of discussion on this thread.
How else could this point have been made?
By creating a thread in Meta.The response is always either silence, or “new forum software” vapourware which has only been in development for, what, about seven or eight years?
However, methods like this are inacceptable
At least he understand the problem now.
I can't say I grasp the series of events and the timeline, but warning someone about a potential issue with their password, then demonstrating that it was an issue after being ignored without compromising anything seems like the right way to do it? How else could this point have been made?