On Thu, Jun 5, 2008 at 2:45 PM, Brion Vibber <brion(a)wikimedia.org> wrote:
Anon Sricharoenchai wrote:
However, could you please answer the following
questions?
1. Is there a plan to prohibit local account creation of existing
ununified username?
Not presently as such, however at some point automatic migration of all
remaining accounts may be initiated.
Prohibiting local account creation of existing ununified usernames would
be essentially equivalent, as it would require people wanting to create
such accounts to (manually) initiate a migration before continuing with
the additional account setup.
I think the question was: is there any plan to prohibit the creation
of a local account, when an ununified account with that name exists on
*another* wiki? This is not equivalent to unifying all remaining
accounts, although of course doing so would make the question moot.
It's not possible to group multiple wikis by
password until all
passwords have been manually entered, but we need to make a selection
ahead of time in order to determine if the presently logged-in account
matches the home account. So it's perhaps a bit of a catch-22 there. :)
To expand on this, passwords are stored as a hash salted with the user
id. We can't answer the question, "Is the password for user X the
same as the password for user Y?" We can only answer the question,
"Is the password for user X 'abcd'? Is the password for user Y
'abcd'?" This improves security, in that a malicious Wikipedia admin
would find it hard to figure out what passwords anyone has, but it
also causes difficulty when you're trying to do something
legitimately.