On Mon, Mar 31, 2003 at 01:38:19PM -0600, Lee Daniel Crocker wrote:
(Tim Starling ts4294967296@hotmail.com):
If we really want to be serious about security we'll have to use ssl for login, but I don't know how to do that.
That's entirely too paranoid. Frankly, I don't see much need for high security of Wikipedia logins. It's not like we're storing medical records. (Oh my God! My neighbor might find out that I like the "Nostalgia" skin!) The only real risk is that someone might log in as me and make edits in my name, but then I'd just disavow them and change my password.
We should make it an option to login via SSL at least for sysops. It's pretty dangerous to send sysop passwords unencrypted.