Board Thread:General Discussion/@comment-24739709-20151026190758/@comment-5590118-20151103183111

> Yes, there's been a large number of recent attacks...

There have only been perhaps 3 unique attacks recently and all of them have been made known by Wikia.

> Yes, 2FA is something that should have been rolled out over a year ago. > Yes, HTTPS should have been made mandatory and supported years ago.

These things could not have just been rolled out, especially if they have not created them/done proper testing. Using HTTPS on a site like Wikia is not simply just a flip of the switch an it is done. There are a lot of infrastructure issues that need to be dealt with in order to accommodate the use of HTTPS. One major thing that I can name off is importing resources from destinations that may not be secure (HTTP). All of these thing need to be found, patched, and tested properly before any such change can simply be rolled out.

> Yes, the login procedures are broken.

They are not "broken" as you say. The current, and most popular, method of logging in to Wikia is not as secure as it should be but is by no means broken.

> Yes, there's all kinds of little ways to bypass the permission management system and lockdown tools.

Special:Contact/general