I'd like to see some changes to the password system. As it is, there are *no* restrictions on allowed passwords, as long as it is at least one character in length.
Passwords should be /required/ to be at least six characters in length and contain at least one letter and one number. Most other popular sites do at least this. (If such a change were made, users with passwords not meeting this requirement could be prompted to change theirs upon the next login.)
In addition, it should be entirely disallowed for a user to create a password containing the string "password" or that is identical to their username.
Just an idea, anyway. I think the current system needs a bit of work, because password security *is* a concern on a site as wildly popular as Wikipedia is.
Michael Billington wrote:
Just to note, AmiDaniel has filed a bug report about the security of the login system. I particularly like the idea of using captchas after multiple attempts, to stop automated password cracking. The bug report is at http://bugzilla.wikimedia.org/show_bug.cgi?id=9816
--Michael Billington _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l