Tubgirl is Love.

[reddragdiva]

An English Wikipedia admin account just got compromised and abused again, because the admin used "fuckyou" as a password. That's the sixth most common password, I think. The main page was deleted for five minutes and Tubgirl was put in the sitenotice.

Brion and Greg are (right now) running a password cracker over the admin accounts. If you want to keep your admin bit and know, deep in your heart, that your password is a bit rubbish, I strongly suggest changing it or it will be locked. Hint: if it shows up in Google, it's a rubbish password. Or enter it into the search box at the right of my Wikipedia blog with your username — I have a, uh, phishing detector running there. Yes, that's it. A note on the subject has been added to Wikipedia:Administrators.

Now we eagerly await Single Crack 0wnz0ring. Normal people just don't get passwords. I used to do dial-up Internet tech support. "What do you want for a password?" "Oh, [username]." "I'm sorry, you can't have it be the same." "Oh, [username]1." Suggestions? Assume we can't require an RSA keyfob for all editors.

Comments

[secretlondon.livejournal.com]

Where did he post it?

Apparently consensus is brewing that our compromised admins should just be re-sysopped. Good chaps, one of us, assume good faith etc..

[reddragdiva]

There are enough people who will be watching all cases very closely, so this is probably not a problem as long as they can reasonably be assumed not to in fact have gone rogue. Jiang is reasonably suspected to just have been very dumb with the password, for example. Of course, there are those who think this sort of dumbness with passwords is evidence of insufficient clue for adminship, but anwyay.