<snip>
2) We need a credible security mechanism for the wiki. Today, for example, it is not required for a user to give their real name (the field is optional). And the password can be as little as 1 character. (Yup, I just created an account with password="x"). With 15,000 zombie accounts, lack of real names and the ability for users to create trivially crackable accounts, it would be hard to really identify a change to a particular person.
Yes on password strength, no on real names. The key issue here is that at some point during either the registration or posting process, the account holder / poster actively acknowledges that the contributed content falls under whatever licence that is required. Without formal identity verification, there is no material difference between a Monica and a claimed name.