How to handle various common support issues.
Support emails come in to the sr.ht-support mailing list, which you should have read/write access to. When you intend to field a support request, mention the email in the sr.ht-staff IRC channel to avoid conflicts with other staff who might be looking at it.
User identities need to be verified, and accounts with two factor authentication must be verified with two factors, before any disclosure of account information via email or any modifications to their account.
Preferred factors include:
ssh-keygen -Y sign -n file -f ~/.ssh/<key> message.txt
ssh-keygen -l -f <key>
and
ssh-keygen -Y check-novalidate -n file -s message.txt.sig <message.txt
matchThe last four digits of the credit card on file is sufficient to prove the user's identity only for the purpose of billing-related support matters, such as cancelling or refunding their payment or transferring billing information to a new account.
If the user is unable to verify their identity, refuse their support inquiry.
Users can perform self-service account deletion by logging into their account and running the delete process on meta.sr.ht. This is preferred to admin intervention since it does not require us to separately verify the user's identity. However, admins can also manually delete accounts via the user dashboard.
Clarify that it's prioritized for the beta but not available now, and suggest that they register a new account, move their data over manually (using import/export features et al), and ask for their billing info to be transferred to the new account.
This is a common support request, and it is important to re-enforce when handling this request that the user needs to use two factors to prove their identity even when requesting to have 2FA disabled; they may use alternative approaches like PGP, SSH, DNS, etc, as described in "Identity verification" above but need to provide two factors of some kind nevertheless.
Without a verified identity, they have no recourse but to register for a new account. Their inaccessible account cannot be deleted.
Generally this ends with offering the user one year of free service and asking them to email us again when it runs out if their situation has not changed.
We generally trust our users, and don't ask them to substantiate financial aid requests further than a declaration of need. For instance, there is no need to ask for a student ID to grant service on the basis of a user's student status.
Common reasons to grant free service:
Common reasons to reject requests for free service:
If in doubt, offer them free service. The user dashboard has a place to generate invoices, set the source to "Financial aid", the amount to 0, and the term to 1 year (the default). They can re-apply after it runs out.
Generally speaking if a user asks for a refund relatively close to their payment date (say, within one quarter), give them one and cancel their paid services by updating their account type to non-paying.
Verify both accounts, using two factors if necessary, then use the meta.sr.ht user admin UI to transfer the billing info over.
commit 23592fd3f703a0d04a7ab6cf5b00ccaf027bf577 Author: Gary Kim <gary@garykim.dev> Date: 2024-11-30T00:14:06-05:00 builds.sr.ht: fedora: remove EOL versions