Recent discussion about desysopping administrators after being inactive for a year (or other specified time) has once again arisen after an inactive admin account was suspected to have been compromised. This discussion has larger implications about account security on Wikipedia, however. A Signpost article from last August discusses a study on password security—in which researchers gave Wikipedia a score of 4 out of 10.
While many people are inclined to use bad passwords, such as "password" or "fuckyou", this only gives "hackers" easier access to an account without detection. It is therefore proposed that our current MediaWiki installation include additional features to increase the account security and password strength of its users. This page is meant to be a place where users can propose and/or comment on various methods of doing this, and the more popular proposals can then be presented to developers for assessment and, hopefully, then implementation.
Further reading: Wikipedia:User account security, meta:Don't leave your fly open, Wikipedia:Personal security practices. Please feel free to add proposals in a new section at the bottom and comment on existing proposals. /ƒETCHCOMMS/ 16:47, 3 June 2011 (UTC)