Am 11.02.2013 13:26, schrieb M.-A. Lemburg: > Why not leave the decision to change the password to the PyPI users > and only do a blog post and perhaps have a banner on PyPI to notify > them ? > > After all, unlike for the wiki installation, the PyPI passwords were > not compromised.
It depends on your level of paranoia. Technically they are potentially compromised. The passwords were and are still transmitted over non-encrypted HTTP connections. </nitpicking> _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
