Requests for comment/Password policy for users with certain advanced permissions/massmessage

This notice has been sent out, so no more translations are needed. Thank you to everyone who helped translate.


Hello

We have started an RFC on meta to increase password requirements for users that have accounts which can edit MediaWiki:Common.js, have access to checkuser or have access to Oversight.

These types of accounts have sensitive access to our sites, and can cause real harm if they fall into malicious hands. Currently the only requirement is the password is at least 1 letter long. We would like to make the minimum be 8 letters (bytes) long and also ban certain really common passwords.

By increasing requirements on passwords for accounts with high levels of access, we hope to make Wikimedia wikis more secure for everyone. Please read the full text of the proposal here, and make your voice heard at the RFC.

Thank you

(On behalf of the WMF security team) BWolff (WMF) (talk) 09:24, 13 December 2015 (UTC)[reply]

Delivered using Global message delivery and the distribution list