[dredmorbius]

Given the negative consequences (DoS) of an unauthorized account deactivation, this is actually a fairly reasonable protocol.

The challenge of electronic services is in identifying your customers. Especially when you're doing something allegedly on their behalf. Double-especially when that has permanent state/data loss consequences.

[wodenokoto]

Who the hell knows which month they signed up? I signed up over 6 years ago.

I think it is unfair to expect people to save their original email confirmation mail for upwards to 10 years (skype was released in 2003), especially given that nowhere in the mail it says that this is really important to keep.

[dredmorbius]

I can top that.

A good friend's AOL email account was compromised. They'd been AOL customers (paid) for years, though when the email service went free, they discontinued payment and got broadband service from another provider.

AOL insisted that they give the credit card number that had been associated with the account. A card which hadn't been used and hadn't existed for years. Needless to say, it wasn't available.

For all I know, that email account is still active and valid, though hopefully no critical information is being sent to it.

Again: figuring out how to identify your true customer (or user) is hard.