Surprised about this discussion. While in general this is a good discussion, we are talking about mailman, where you don't really have a good AAA model, you have one admin password per list and one moderator password, which needs to be shared amongst admins/moderators, so will never be changed because it is difficult to coordinate and where passwords are just send plain text. That is a level of security that is the same level as the post-it note on the bottom of you keyboard.
Effort with mailman should go into a proper authentication method, so that for one mailman instance, I have one account where I am simply manage my lists, either just as a reader, or as a moderator/admin, where only I indeed need the password, and then as a bonus with single signon support so that I could configure to login with my google account, or in our case with our wikimedia password.
Regards,
Andre Koopal
On Fri, Nov 13, 2015 at 1:58 PM, Andrew Lih andrew@andrewlih.com wrote:
+1 on LastPass.
1Password for Mac has seen some problems lately
http://appleinsider.com/articles/15/10/20/1password-to-change-file-formats-a...
-Andrew Lih Associate professor of journalism, American University Email: andrew@andrewlih.com WEB: http://www.andrewlih.com BOOK: The Wikipedia Revolution: http://www.wikipediarevolution.com PROJECT: Wiki Makes Video http://en.wikipedia.org/wiki/Wikipedia:WikiProject_Wiki_Makes_Video
On Fri, Nov 13, 2015 at 7:52 AM, GorillaWarfare < gorillawarfarewikipedia@gmail.com> wrote:
LastPass's salted master password* plus 2FA is far preferable to using a single password on every site you visit.
*https://lastpass.com/support.php?cmd=showfaq&id=1116
– Molly (GorillaWarfare)
Listadmins mailing list Listadmins@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/listadmins
Listadmins mailing list Listadmins@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/listadmins