OESF talk:Antispam configuration work list

From OESF

Security

Do you think it's a good idea giving away the username for the wiki ? Why make it easier for the crackers ? Koan 00:40, 21 October 2007 (EDT)

I always work under the assumption that user IDs are either public knowledge or easily obtained. It emphasizes the importance of keeping passwords secure. -- Meyer (talk) 02:49, 21 October 2007 (EDT)

OK, but I still think you're making the problem easier by giving away half the information. Koan 20:25, 24 October 2007 (EDT)

CAPTCHA

Thanks for installing this, it's going to make a big difference. Any chance of having the question show after clicking edit ? At the moment you click edit, make your changes, hit save, fill out the answer, hit save again. I'd rather hit edit, make changes, fill out the answer and hit save. Koan 20:25, 24 October 2007 (EDT)

I agree that it would be nicer to have the captcha better integrated into the flow of work, but I'm afraid that is the kind of change that would require recoding the extension, which is a task I am definitely not up to. After we've got this first round of anti-spam measure in place, one possibility is to look into fancier versions of the ConfirmEdit extension which I noticed exist. One of them may save a few clicks. -- Meyer (talk) 09:09, 25 October 2007 (EDT)