Forum OpenACS Q&A: Re: RFC: Security policy for OpenACS (Security hole in OpenACS 5.1!)

To paraphrase the paraphrase of Lars from the original post, "security is important, but we too often sacrifice usability to obscure security issues."

Just thinking about my own site, I'd go stark raving mad if I had to log in every time I wanted to do something admin-ish.  How many of you backing "sudo" don't just build high-traffic sites, but are responsible for the day-to-day running of them?  Even with having a browser memorize my password it would be a total PITA.

Fix the actual vulnerability (excessively trusting admin form actions), rather than forcing everyone to run through the gauntlet of a thousand logins.  Seems to me that this would be the lazy man's "fix."