Hoi,
Would OpenID make a difference ? It seems to me that when you authenticate
to both WMF projects and to this watchlistr, you would not expose passwords
in the wrong place. It seems to be also a solution of allowing Commons to
authenticate in this way.
Thanks,
GerardM
2009/7/22 Sage Ross
<ragesoss+wikipedia@gmail.com<ragesoss%2Bwikipedia@gmail.com
> I'm not sure what to do about this; it seems like a good idea but a
> major security risk:
>
http://www.watchlistr.com/ is a site that
creates aggregate watchlists
> across multiple projects. See
>
http://en.wikipedia.org/w/index.php?title=Wikipedia:Bounty_board#Transwiki_…
> The user who made it has very little
editing history, and the site
> aggregates watchlists across multiple projects, but requires inputting
> your Wikimedia password into the
watchlistr.com site. I have no
> specific reason to think it's a scam, but if I was trying to phish
> passwords I would do something like this.
> -Sage Ross (User:Ragesoss)
>
_______________________________________________
> Wikitech-l mailing list
> Wikitech-l(a)lists.wikimedia.org
>
https://lists.wikimedia.org/mailman/listinfo/wikitech-l