brion vibber (brion @
pobox.com) wrote:
Tomasz Wegrzanowski wrote:
> So, while dictionary-checking sysops' passwords make a lot of sense,
> there's very little point in limiting passwords of the
non-privileged
accounts.
At the moment we don't have a separate switch for sysops, nor any control which
would prevent blank-password accounts from being made into sysops. I'd rather
risk disabling a few accounts temporarily than keep the incredibly dangerous
sysop accounts open (which could be used potenially to great destructive effect).
Could you elaborate on the "temporarily" part ?