[wp-hackers] On overly-obscure passwords

Mark Waterous lists at watero.us
Wed May 5 21:18:24 UTC 2010

Changing this is begging for all the zealots in the twitterverse to point a
whole new set of fingers at the lack of security WordPress provides as a
default layer.

Regardless of that, is it really something that needs to be addressed to
begin with?

There is simplifying for the sake of user friendliness and then there's
dumbing down to please a small percentage of the audience. Even smaller if
you consider that a good majority of WordPress installations only ever have
one user (the admin) who if scared by a password such as the ones previously
suggested here probably have more severe concerns to deal with first.

Don't get me wrong, I'm not trying to suggest that WordPress be elitist in
this regard, but I think Peter already mentioned that most people copy and
paste such things anyways. If they don't on your web site, Otto's suggestion
is probably the way to go.

-----Original Message-----
From: wp-hackers-bounces at lists.automattic.com
[mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of Baki Goxhaj
Sent: Wednesday, May 05, 2010 10:57 AM
To: wp-hackers at lists.automattic.com
Subject: Re: [wp-hackers] On overly-obscure passwords

The point of the thread was that for some users the reset password (that
would be the case for the first-time password) was something somewhat scary.
I don't really know what the solution of this would be, but I know that
after resets, people do change their passwords, so making it a little less
visually strange might be a good idea.


More information about the wp-hackers mailing list