But sorry to say, if implement any security policy would be a barrier to him why then do we have merits system?
Because from my own point of reasoning security policies can be liken to be as merits restrictions because, what does it mean for someone to be here without having a total freedom of ranking, same it's to security measures because I don't see any reason for one to be here without a proper security protections. If so the forum would had been that open for everyone to rank without any restrictions, anyway not that I am trying to deviate from the main purpose of this topic, but we must know is something that is called for.
The point of the forum is just to hangout with like-minded individuals, it's just an account (nothing special) we shouldn't be giving too much value to it with all the security measures we're requesting for. Merit isn't a security measure. There wasn't any merit feature before, it was just implemented 5 years back when the industry begin to gain more attention and the forum began receiving more spammers in their numbers farming the forum for bounty/signature and it resulted to much spam. The merit system is needed but the other security features isn't. No big deal in forgetting your password and requesting for a new one. The procedure is automatic and mightn't need any moderators intervention when you have a valid working email so no big deal there.
As funny as that sounds, it's the truth. There was a time I spent some hours in contemplation on that. Even a common thing as a 2FA or email verification when one logs in, the forum doesn't see any reason to implement any. I mean, that can further strengthen accounts security.
That's my point exactly, like the forum was created with an opened and free minded approach. Satoshi/theymos didn't want to create any discomfort with registration and using the forum but we're the ones complicating things with all our unofficial rules and regulations. What we should be concentrating our security awareness on is our Bitcoin wallet and not the forum but I understand SmartGold01 advice and acknowledge that she meant no harm but it's left for each of us to decide how we want to keep our account safe and bare the consequences of our actions. OP resetting account password on and off the forum isn't a crime or bad, it's even recommended to keep your accounts more secure but make sure you can defend yourself properly without any doubt when your attention is called upon.