your Wikimedia
password into the
watchlistr.com site. I have no
specific reason to think it's a scam, but if I was trying to phish
passwords I would do something like this.
Would something on the toolserver be
safe enough in these terms?
It would seem more trustworthy, but if i recall correctly it is
explicity forbidden to ask for user passwords on the toolserver.
(Which is why Magnus jumped through hoops the create his TUSC thingie)