"If you're a moderator or administrator it is especially negligent to have such an easily guessed password."
Actually, I find just the apparent fact that he uses a 3rd party openid provider (whichever one it is) for his StackOverflow admin account disturbing. The OpenID provider has the credentials - they can therefore log in as him any time they like. Only their integrity / reputation prevents them from doing that. I think it's fine for individuals using the system to trust a 3rd party like that but I don't think it's fine for someone with admin powers to do so.
* Ignore this whole comment if he runs his own OpenID provider :-)
"If you're a moderator or administrator it is especially negligent to have such an easily guessed password."
Actually, I find just the apparent fact that he uses a 3rd party openid provider (whichever one it is) for his StackOverflow admin account disturbing. The OpenID provider has the credentials - they can therefore log in as him any time they like. Only their integrity / reputation prevents them from doing that. I think it's fine for individuals using the system to trust a 3rd party like that but I don't think it's fine for someone with admin powers to do so.
* Ignore this whole comment if he runs his own OpenID provider :-)