Jtkiefer wrote:
I'm surprised that blank passwords were ever allowed since they are probably the worst security you can make,
Second only to letting anybody edit your web site. ;)
UseModWiki actually went so far as to allow you to create multiple user accounts with the same user name...
Maybe in the future a more strict password security protocol should be established and enforced, forcing password changes every x days would be unduly burdensome but complexity requirements might be a good idea especially since as you mentioned the adminship and the community pool has enlarged greatly.
I'm fiddling with some basic dictionary checks and such.
-- brion vibber (brion @ pobox.com)