On 13/11/15 17:39, Merlijn van Deen wrote:
> As I understand it, *subscribers* used their regular passwords for mailman, and mailman stores passwords *unhashed* on the server (!).
Yes. mailman stores the subscribers' passwords unhashed. The list admin passwords are hashed, however.
It is clearly explained on the subscription page: «You may enter a privacy password below. This provides only mild security, but should prevent others from messing with your subscription. *Do not use a valuable password* as it will occasionally be emailed back to you in cleartext»
So although list passwords were not at so much risk, it's much easier to change these, as the list admins are a better user base than sending a message like that to every wmf list subscriber.
I would cross-check the old subscribers' passwords with their Wikimedia account, and if they matched (as it did for these staff), send them an email, too.
I would have expected better for someone with a staff account, though. ☹
Best regards
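A concrete version of the cross-check proposed in the reply above, as an added example that is not part of the original thread, of Mailman, or of MediaWiki. It assumes that subscribers are matched to wiki accounts by e-mail address, that the wiki stores only salted PBKDF2-SHA512 hashes in a simple colon-separated record format (an assumed format for this illustration, not MediaWiki's real on-disk format), and that the sample subscriber passwords and account hashes below are constructed. The point is that the cleartext list passwords can be tested against the accounts' stored hashes without ever storing or exporting the wiki passwords themselves, and only the matching addresses need the warning e-mail.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample data: cleartext subscriber passwords, keyed by address,
# as Mailman of that era kept them. Not real data.
MAILMAN_SUBSCRIBERS = {
    "alice@example.org": "correct horse battery staple",
    "bob@example.org": "hunter2",
    "carol@example.org": "throwaway-list-pw",
}

PBKDF2_ITERATIONS = 30000
DK_LEN = 64


def pbkdf2_record(password, salt=None, iterations=PBKDF2_ITERATIONS):
    """Build a salted PBKDF2-SHA512 record.

    Record layout (assumed for this example, not MediaWiki's format):
        pbkdf2:sha512:<iterations>:<base64 salt>:<base64 derived key>
    """
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt,
                             iterations, dklen=DK_LEN)
    return "pbkdf2:sha512:%d:%s:%s" % (
        iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(dk).decode("ascii"),
    )


def verify_record(password, record):
    """Re-derive the key from the record's own salt and iteration count and
    compare in constant time, so a mismatch leaks no timing information."""
    scheme, hash_name, iterations, salt_b64, dk_b64 = record.split(":")
    if scheme != "pbkdf2" or hash_name != "sha512":
        raise ValueError("unsupported record: %s" % scheme)
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(dk_b64)
    actual = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt,
                                 int(iterations), dklen=len(expected))
    return hmac.compare_digest(actual, expected)


# Constructed: what the wiki side holds. Only hashes, never the passwords.
# alice and carol reused their wiki password on the list; bob did not.
WIKI_ACCOUNTS = {
    "alice@example.org": pbkdf2_record("correct horse battery staple"),
    "bob@example.org": pbkdf2_record("something else entirely"),
    "carol@example.org": pbkdf2_record("throwaway-list-pw"),
}


def find_reused_passwords(subscribers, accounts):
    """Return, sorted, the addresses whose leaked list password also unlocks
    their wiki account. Subscribers without a wiki account are skipped."""
    reused = []
    for address, list_password in subscribers.items():
        record = accounts.get(address)
        if record is not None and verify_record(list_password, record):
            reused.append(address)
    return sorted(reused)


if __name__ == "__main__":
    for address in find_reused_passwords(MAILMAN_SUBSCRIBERS, WIKI_ACCOUNTS):
        print("notify %s: list password matches wiki account password" % address)
```

The comparison runs on the wiki side, where the hashes live; the cleartext list passwords are the input, not the wiki passwords, so nothing new is exposed by the check itself. Anyone running it for real should treat the exported Mailman password file as already-compromised material and delete it once the notifications are sent.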