Hello,
We are in the process of implementing some new account security features.
This is to further protect our users from account theft.
As of right now you can set up a secret question in your Account page, these will take effect 24-48 hours after you change them; the delay is for security purposes. A typical usage scenario: Somebody steals your account, they change your password, they even change your email address, and they change your secret question, however their change did not take place immediately, leaving you up to 48 hours to restore your account and "take it back", repairing any changes they made.
This delayed onset change enables us to give you the power to perform the change.
Also note that any security question change will override ANY pending, so even if an attacker changed them, if you go in and change them back, their changes will be cancelled immediately.
We are also enhancing our overall site wide form system, to include additional security steps. This will take place after the roll out of security question is completed.
Right now you can set up your secret question while logged in OR on registration of a new account, shortly this will be supported in our Forgot Password feature, once it is there we will place an alert on the site to encourage users to set their secret question, as all existing users will not have one.
It is very crucial to act promptly and set up your security features so you are protected as soon as possible.
We will also be placing captcha verification (anti bot) for people who abuse the login process by repeatedly trying incorrect passwords, this will be locked to the overall IP and the interruption will be minimal provided you are a person and indeed, not a computer program.
I will keep you posted
As of right now account email editing has been reactivated also
