I said it would be opt-in so they wouldn't be spammed unless they would like to be
On Wed, Apr 4, 2012 at 2:36 PM, Platonides <platoni...@gmail.com> wrote: > On 04/04/12 10:47, Petr Bena wrote: >> The accounts could be compromised just using a brute force attacks >> which would be running for a long time. Since user would never know >> their account is being cracked, they would likely never bother with >> making their password more strong, neither report it somewhere. If I >> was an inactive sysop and I received a message that someone has done >> 500 000 login attempts over night, I would likely ask some bureaucrat >> to remove my sysop flag, since I don't even need it. > > Many people would complain that wikipedia is spamming them... and do > nothing. > Note that there's no way to stop an ip from trying to login. > I think login failures are aggregated in some server, the sysadmins > should be able to detect from there a bruteforce attempt and ban the ips > at the squids. I don't know if there's such alarm implemented, though. > > > _______________________________________________ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l