Board Thread:General Discussion/@comment--20150810171627/@comment-1824272-20150810194653

Deadcoder wrote:

Disabling Javascript isn't the answer. The problem isn't enabling Javascript. The problem is that Wikia's security policies are horribly negligent. Wikia uses insecure transmission for a bunch of different things. Wikia's policy on the Dev wiki was to not protect any scripts, ignoring the security issues; when the policy should have always been to require the code-editor permission to edit any scripts. Logging in should be restricted to a single page. Scripts should be auto-audited before being put into effect.

The issue here is that Wikia was negligent about security, and now we're paying the price. Given the fact that Wikia doesn't want to enable 2FA, we might be paying this price for a long time to come.