Hoi, Would OpenID make a difference ? It seems to me that when you authenticate to both WMF projects and to this watchlistr, you would not expose passwords in the wrong place. It seems to be also a solution of allowing Commons to authenticate in this way. Thanks, GerardM
2009/7/22 Sage Ross <ragesoss+wikipe...@gmail.com<ragesoss%2bwikipe...@gmail.com> > > I'm not sure what to do about this; it seems like a good idea but a > major security risk: > > http://www.watchlistr.com/ is a site that creates aggregate watchlists > across multiple projects. See > > http://en.wikipedia.org/w/index.php?title=Wikipedia:Bounty_board#Transwiki_watchlist_tool > > The user who made it has very little editing history, and the site > aggregates watchlists across multiple projects, but requires inputting > your Wikimedia password into the watchlistr.com site. I have no > specific reason to think it's a scam, but if I was trying to phish > passwords I would do something like this. > > -Sage Ross (User:Ragesoss) > > _______________________________________________ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l