Hi,
In order to secure usernames/passwords, some other use of TLS/SSL may apply. The AAA work
may be done on
https://login.wikipedia.org/wikiname, also giving a .wikipedia wide security token in that
place and not messing with that in clear-text connections.
That's how large sites handle authentication/authorization. Isn't wiki a large
site? :)
Domas