https://bugzilla.wikimedia.org/show_bug.cgi?id=25925
--- Comment #22 from MZMcBride <[email protected]> --- (In reply to comment #21) > They impersonate them, then edit (and maybe email) under their name. > > Maybe you think that's irrelevant for regular editors. I think it's still a > serious problem, just not as big a problem as if the same thing happens for > someone with elevated rights. It's only serious if you can justify why it's serious. People can edit without logging in at all. And they can make as many free accounts as they'd like. So... why would they hack into someone else's account? Many smart people here and elsewhere have said that it's up to users to define what level of security they're interested in placing on their account. And many users rightly choose a weak password, as the ability to remember a password is more important than the almost non-existent possibility of their valueless account being hacked. That point still seems to be getting lost somewhere. Security measures always come with a cost, both in terms of technical debt and in terms of user experience. I'm not sure these costs are being properly considered. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
