[netik]

Lyft is not the only company that will do things like this. Twitter tried this with Twitter Digits, and Yahoo offers single-factor phone based recovery. In all of these cases, companies are sacrificing convenience for security.

[joshstrange]

"companies are sacrificing security for convenience" FTFY

[agustinhaller]

You are right. After reading this I requested Uber to delete my account as i was using a prepaid phone while visiting the US. I was very disappointing as they don't have an easy way to delete an account, you need to send an email explaining why.

[joshstrange]

Just to be fair account deletion is not a super easy thing. It may seem easy "DELETE FROM users WHERE id = '123';" but you also need to delete all of their related records. Let's say you have a user table with use username, hashed password, and id in it and then all that address/DOB/etc in a users_data table or similar. Now you need to delete the users_data record as well. But that's not all, what about all the transactions in the "rides" table. They are related to the user but we need to keep them for historical data and/or reports. It can get messy VERY quickly and if the application is changing quickly then your "delete user" logic might leave behind new user data that it doesn't account for.

What I'm saying is that while I do find it mildly annoying that there is no "Delete Account" button there are good reasons for it. Not is this a non-insignificant amount of work to build/maintain but from a business point of view it means spending time/money on a feature that is only for people who no longer want to be your customer so put in that light it's no surprise this feature falls by the wayside often. Also there is the whole "I accidentally deleted my account" (no matter how many warning you put up) and that means you either need to "soft delete" all the data so you can "undo" OR you have to reconstruct the user's data from a backup (either programmatically or by hand).