writes "After their passwords got cracked: At least four different Wikipedia administrators have had their weak passwords taken in the past 24 hours. They deleted the home page repeatedly, and one person even put Tubgirl on the "Site notice", which is a global header for all of en.wikipedia.org. How did it happen? Weak logon security measures — there is no CAPTCHA; crappy passwords, and on top of that, while there is an encrypted SSL logon page, it's hard to find. The scariest thing is that people with passwords of "password" are entrusted as sysops and administrators on one of the Top 10 websites on Earth. They even blocked Jimbo Wales repeatedly from his own website!"