On Wed, Oct 26, 2011 at 11:13, Neil Harris <neil(a)tonal.clara.co.uk> wrote:
If there's one measure I'd like to see that isn't (as far as I know) yet
implemented, it would be to require admins and other privileged users to set
strong passwords, perhaps initially by Javascript-based warnings, and later
by locking out those accounts completely, after a warning period of perhaps
one year.
+1