On Tue, Feb 4, 2014 at 11:58 AM, Steven Walling steven.walling@gmail.comwrote:
On Tuesday, February 4, 2014, Petr Bena benapetr@gmail.com wrote:
To be honest one of things I liked most on wikipedia over other sites, was no password policy whatsoever. I hope we never get into such a creepy state like oracle website which requires so complicated password that I always immediately forget it...
I fully agree. This is why the RFC explicitly
Sorry, was on my phone. I meant to say...
I fully agree, and this is why the RFC is very clear that the *only immediate change proposed* is an increase in required minimum length from one character to six. It does not suggest that we require more complex character types, such as mixed upper/lower case, numbers, symbols and so on. Just increasing the length, and hopefully suggesting to users how to pick a strong password, is plenty for MediaWiki defaults.