by golem14 63 days ago
Since the impact of the account is presumably known to Microsoft (through telemetry etc), they probably know when these accounts get turned off, and can mark them in case the owner comes back and tries recovery.

Microsoft would not have to automatically and 100% correctly reinstate the account. The goal would be to get high-level cases like this one in front of a knowledgeable human before the locked account's angry owner posts complaints in public. (If Joe Bloe's defragmentation utility that no one has ever heard of, with only 10 installs, goes bad, no one would care.)

Here, they don't have to be perfect - you just need to have enough signal-to-voice ratio that employing a very small number of people outweighs the cost to PR and execs to deal with these cases, and to not let accounts get hacked through recovery.

The response from Microsoft [1] is not great, nor does it make me hopeful.

> Pavan Davuluri, Microsoft's President of Windows and Devices, said both Idrassi and Donenfeld should have their accounts restored "soon."
>
> "We've seen these reports and are actively working to resolve this as quickly as possible," Davuluri Xeeted. "We've reached out to VeraCrypt and have spoken to Jason at WireGuard, they should be back up and running soon."
>
> He explained that both deactivations were executed as part of the Windows Hardware Program's account verification procedures.
>
> The company published a blog in October, giving devs a two-week warning that if their accounts had not been verified since April 2024, Microsoft would issue mandatory account verification notifications.
>
> "We worked hard to make sure partners understood this was coming, from emails, banners, reminders," said Davuluri.
>
> "And we know that sometimes things still get missed. We're taking this as an opportunity to review how we communicate changes like this and make sure we're doing it better."

[1] https://www.theregister.com/2026/04/09/microsoft_dev_account...

3 comments

> make sure partners understood this

Since when were they partners to Micro$lop? First, it's thug-like behavior taking the ability to run code on our own computers without their approval. Second, it's even more evil justifying this behaviour by calling the developers "partners".

The reality is that unless and until the PR hit from failures like this impacts their stock price or their bottom line, companies won't care to fix the processes that created them.

I don't know that it's that clear-cut. A constant drip of bad stories does hurt the reputation over time, and it's hard to get it back.

But I agree - in the moment, the impact is barely visible, so management would have to put up a fight to spend $$$ on a fix. The way of least resistance is to issue a press release as shown above.

It could be dead simple. Lock the account, but let the owner temporarily unlock it for X days so they have enough time to undergo verification.