Hi everyone. I've started an RFC to increase password requirements for users that have accounts with a high level of access. Specifically people who can edit [[MediaWiki:Common.js]], and people with access to oversight or checkuser.
These types of accounts have sensitive access to our sites, and can cause real harm if they fall into malicious hands. Currently the only requirement is the password is at least 1 letter long. We'd like to make that be 8 letters (bytes) long, and also ban certain really common passwords. I will probably send a massmessage out sometime soon, but for now, please mention https://meta.wikimedia.org/wiki/Requests_for_comment/Password_policy_for_users_with_certain_advanced_permissions anywhere you think is appropriate and also comment on the proposal yourself. Thanks, --Bawolff _______________________________________________ Wikitech-ambassadors mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-ambassadors
