Brion Vibber | 1 Jun 06:21 2005
Picon

Re: Re: [Wikipedia-l] server maintenance on June 1, 3 a.m. UTC

Brion Vibber wrote:
> Jens Frank wrote:
>> We'll create some new indexes that should improve site
>> performance. To do this, we need to set the wikis to
>> read only at 3 a.m. UTC (5a.m. Berlin/Paris, about
>> 10 p.m. Chicago). The downtime will take about 2 hours.
>
> While we're on this, that would be a good time to run the password hash
> salting.

Done.

The other indexes are still building, we'll be back online soon enough... :)

-- brion vibber (brion  <at>  pobox.com)
_______________________________________________
Wikitech-l mailing list
Wikitech-l <at> wikimedia.org
http://mail.wikipedia.org/mailman/listinfo/wikitech-l
Tels | 1 Jun 18:50 2005

Re: Re: [Wikipedia-l] server maintenance on June 1, 3 a.m. UTC


Moin,

On Wednesday 01 June 2005 06:21, Brion Vibber wrote:
> Brion Vibber wrote:
> > Jens Frank wrote:
> >> We'll create some new indexes that should improve site
> >> performance. To do this, we need to set the wikis to
> >> read only at 3 a.m. UTC (5a.m. Berlin/Paris, about
> >> 10 p.m. Chicago). The downtime will take about 2 hours.
> >
> > While we're on this, that would be a good time to run the password
> > hash salting.
>
> Done.
>
> The other indexes are still building, we'll be back online soon
> enough... :)

Arg, I was not fast enough. I just wanted to say that I am shocked that 
wikipedia didn't already salt the passwords. 

And in addition, I hope that now not only the passwords are salted, but 
actually include more measures against brute-forcing, like hashing the 
password 10000 times, or using something stronger than MD5.

But I fear it is again too late for adding that :/

Best wishes,

(Continue reading)

Timwi | 2 Jun 23:37 2005
Picon
Picon

Re: [Wikipedia-l] server maintenance on June 1, 3 a.m. UTC

Tels wrote:
> 
> And in addition, I hope that now not only the passwords are salted, but 
> actually include more measures against brute-forcing, like hashing the 
> password 10000 times, or using something stronger than MD5.

That doesn't make it any more resistant against brute-forcing.

Timwi

Gmane