[Wikipedia-l] Re: [Foundation-l] Password security

Brion Vibber brion at pobox.com
Tue Jan 31 00:33:20 UTC 2006


Jtkiefer wrote:
> I'm surprised that blank passwords were ever allowed since they are
> probably the worst security you can make,

Second only to letting anybody edit your web site. ;)

UseModWiki actually went so far as to allow you to create multiple user accounts
with the same user name...

> Maybe in the future a more strict password security protocol
> should be established and enforced, forcing password changes every x
> days would be unduly burdensome but complexity requirements might be a
> good idea especially since as you mentioned the adminship and the
> community pool has enlarged greatly.

I'm fiddling with some basic dictionary checks and such.

-- brion vibber (brion @ pobox.com)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.wikimedia.org/pipermail/foundation-l/attachments/20060130/2d721bf8/attachment-0001.pgp 


More information about the foundation-l mailing list