On 04/04/12 10:47, Petr Bena wrote:
The accounts could be compromised just using a brute force attacks which would be running for a long time. Since user would never know their account is being cracked, they would likely never bother with making their password more strong, neither report it somewhere. If I was an inactive sysop and I received a message that someone has done 500 000 login attempts over night, I would likely ask some bureaucrat to remove my sysop flag, since I don't even need it.
Many people would complain that wikipedia is spamming them... and do nothing. Note that there's no way to stop an ip from trying to login. I think login failures are aggregated in some server, the sysadmins should be able to detect from there a bruteforce attempt and ban the ips at the squids. I don't know if there's such alarm implemented, though.