On 31/01/06, Tomasz Wegrzanowski <taw(a)users.sourceforge.net> wrote:
A lot of people have just lost their account because
of this,
and it wasn't even announced that it was coming.
This part of the problem could be reduced if the change was
announced in advance.
It strikes me that announcing in advance "Hey, guys, a number of
accounts INCLUDING n SYSOPS have blank passwords and can easily be
taken over..", then not fixing it for a while, is a recipe for
disaster. It's not that hard to generate a list of users with admin
privileges, and presumably neither is it impossible to write a short
script to try 800 logins...
--
- Andrew Gray
andrew.gray(a)dunelm.org.uk