Again, Just theatrical security, Most people tend to use the same passwords everywhere, if this was the case for said Sysop, Their email is also compromised. Also this would require wikis to have email sending setup, as well as the user to have confirmed theirs.
That's the problem of user if they use same password, but I believe that any users with any sense for security don't do that, sysops could be instructed to use different password than in their email.
This would be much simpler and it would actually make hacking to sysop accounts much harder.
Not really, per my point above.
It would per my point above your point.
The problem here is that it doesn't really discuss how a sysop account has been compromised; via the email account? Via some more direct method?
As pointed out it is somewhat security theatre.
Besides; you're looking for a problem to fit the solution. On English Wikipedia compromised accounts are, in themselves, rare occurrences. And compromised sysop accounts rarer (read; I've never seen one!).
We discussed this at length when implementing the age-desysoping, and agreed it wasn't an entirely failsafe method against compromise. But it does provide a level of scrutiny to a returning sysop; and really that is all that is needed. The amount of damage a compromised sysop account could do isn't critical and they can be stopped relatively easily - if they have scrutiny.
This is the best form of security.
Tom