I'm not aiming for real security here, just making it slightly more
difficult for the spammer. We can always come up with a better password
later on.
That's true: we can wait to see whether the chosen password is or is not effective to avoid spamming.
Paul
