I'd like to see some changes to the password system. As it is, there are
*no* restrictions on allowed passwords, as long as it is at least one
character in length.
Passwords should be /required/ to be at least six characters in length
and contain at least one letter and one number. Most other popular sites
do at least this. (If such a change were made, users with passwords not
meeting this requirement could be prompted to change theirs upon the
next login.)
In addition, it should be entirely disallowed for a user to create a
password containing the string "password" or that is identical to their
username.
Just an idea, anyway. I think the current system needs a bit of work,
because password security *is* a concern on a site as wildly popular as
Wikipedia is.
Michael Billington wrote:
Just to note, AmiDaniel has filed a bug report about
the security of the
login system. I particularly like the idea of using captchas after multiple
attempts, to stop automated password cracking. The bug report is at
http://bugzilla.wikimedia.org/show_bug.cgi?id=9816
--Michael Billington
_______________________________________________
WikiEN-l mailing list
WikiEN-l(a)lists.wikimedia.org
To unsubscribe from this mailing list, visit:
http://lists.wikimedia.org/mailman/listinfo/wikien-l