Wikipedia:Wikipedia Signpost/2006-02-06/Password security

A potentially dangerous security issue was addressed last week by forcing password changes for some insecure accounts. There were no reports that anyone had exploited this vulnerability.

Chief Technical Officer Brion Vibber announced on Monday, 30 January, that blank passwords would no longer work for accounts on any Wikimedia Foundation wikis. He reported that he had located "a handful of sysop accounts" with blank passwords, and for security and accountability reasons decided to remove the ability to log in with a blank password.

For existing users hit by this change, Vibber explained, "Affected accounts can reset the password by the automated e-mail password gadget on the login form, unless of course they didn't put in an e-mail." He also added some code that would require affected users to change their passwords the next time they tried to log in.

Jtkiefer commented, "I'm surprised that blank passwords were ever allowed". The change did draw some complaint, however, especially due to it not being announced before implementation. However, as Shimgray pointed out, announcing in advance that a number of administrators had blank passwords would effectively invite people to look for and potentially hijack those accounts. Limiting the change to administrator accounts only was suggested, but according to Vibber there would still be nothing to prevent regular blank-password accounts from being made into administrators in the future.

This is not the first time that password security issues have come up on Wikipedia. Previously, controversy over the use of weak passwords to identify disruptive sockpuppet accounts led to an upgrade to salted passwords (see archived story).