On Thu, Jul 23, 2009 at 1:37 PM, Tim Starling <tstarling <at> wikimedia.org> wrote:
> They would only have to get the site usernames to decrypt the login
> info. They could get those the next time each user logs in, if
> they're not detected immediately. There's no way around this; if your
> program can log in as the users, so can an attacker who's able to
> subvert your program.

Wouldn't adding a salt fix this? They would have to have both the
username, the database, and the salt value to decrypt the wiki list.

> I would suggest you apply for a toolserver account:
> https://wiki.toolserver.org/view/Account_approval_process
> Once you have a toolserver account, I'd be willing to work with you to
> arrange for some form of direct access to all wikis' watchlist tables
> (I'm a toolserver root). You then wouldn't need to possess any login
> info.

I attempted to apply for a toolserver account, but it appears that the
server at http://toolserver.org/accountrequest is down (as of 1:27pm CDT).

~Cody