Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

Wikipedia:Bureaucrats' noticeboard

This is an old revision of this page, as edited by JzG (talk | contribs) at 17:37, 17 November 2017 (FYI: reply). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.


Latest comment: 7 years ago by JzG in topic Lost access to account

    To contact bureaucrats to alert them of an urgent issue, please post below.
    For sensitive matters, you may contact an individual bureaucrat directly by e-mail.
    You may use this tool to locate recently active bureaucrats.

    The Bureaucrats' noticeboard is a place where items related to the Bureaucrats can be discussed and coordinated. Any user is welcome to leave a message or join the discussion here. Please start a new section for each topic.

    This is not a forum for grievances. It is a specific noticeboard addressing Bureaucrat-related issues. If you want to know more about an action by a particular bureaucrat, you should first raise the matter with them on their talk page. Please stay on topic, remain civil, and remember to assume good faith. Take extraneous comments or threads to relevant talk pages.

    If you are here to report that an RFA or an RFB is "overdue" or "expired", please wait at least 12 hours from the scheduled end time before making a post here about it. There are a fair number of active bureaucrats; and an eye is being kept on the time remaining on these discussions. Thank you for your patience.

    To request that your administrator status be removed, initiate a new section below.

    Crat tasks
    RfAs 0
    RfBs 0
    Overdue RfBs 0
    Overdue RfAs 0
    BRFAs 13
    Approved BRFAs 0
    Requests for adminship and bureaucratship update
    No current discussions. Recent RfAs, recent RfBs: (successful, unsuccessful)
    It is 09:36:14 on December 11, 2024, according to the server's time and date.


    Resysop request (JzG)

    The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.


    Thanks for switching off the sysop bit back in April. Please re-enable now. Guy (Help!) 23:59, 10 November 2017 (UTC)Reply

    Happy news! :D Ben · Salvidrim!  00:28, 11 November 2017 (UTC)Reply
      Done Welcome back. — xaosflux Talk 00:21, 12 November 2017 (UTC)Reply
    Thank you. Guy (Help!) 07:34, 12 November 2017 (UTC)Reply
    The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

    Lost access to account

    Hello, all! At some point I apparently added two-factor authentication to my main account, though I don't honestly recall doing it. As such, I don't have a means to obtain authentication codes and no longer have access to my admin account. I'm not sure what the procedure is in this situation, but I don't expect I'll ever be able to access the account again, so it might be best to remove the admin bit. Otherwise, I suppose it'll be removed eventually due to inactivity. I have email enabled on both accounts if some verification is needed. Best, --auburnpilot's sock 19:31, 11 November 2017 (UTC)Reply

    • I think this is a Phabricator thing, not a bureaucrat one. Given this diff we can be certain that User:AuburnPiIot is the same person as User:AuburnPilot. Jo-Jo Eumerus (talk, contributions) 20:03, 11 November 2017 (UTC)Reply
    • I've temporary removed +sysop, per your request above. There are a few options, will reply below in a moment. — xaosflux Talk 00:07, 12 November 2017 (UTC)Reply
    • Options:
      1. Verify this is actually a 2FA issue
        1. Are you successfully logging in with your password, but then getting the 2FA prompt?
      2. Regain control of your 2FA account
        1. Consider what device(s) you may have enrolled in 2FA with and see if they still have authentication clients on them
        2. Enrolling in 2FA includes a generation of "scratch codes" - perhaps you wrote these down somewhere as it asked you to
      3. Establish strong support that your alt account is under control of the same person that had control of your admin account - then:
        1. We could move your admin access to another account
        2. You could petition a developer to remove your 2FA configuration : This is generally not supported (c.f. phab:T85706), but is technically possible.
          1. Example ticket phab:T168779,
    xaosflux Talk 00:12, 12 November 2017 (UTC)Reply
    Thanks for the quick response! It's definitely a 2FA issue as I'm getting asked for a verification code when logging into the site. Unfortunately, the device I would have used at the time was issued by the company I previously worked for and is no longer in my possession (wiped clean and returned upon leaving the company about 5 months ago).
    As for proving the connection between accounts, I'm sure there are several people I've been in contact with off project who could confirm and I have no issue with a CU comparing IPs. I also provided a committed identity at some point in the past. It should be in the deleted history of the userpage for my main account (now to remember the string! haha). Thanks! --auburnpilot's sock 03:03, 12 November 2017 (UTC)Reply
    OK, so that clears #1, and #2. Assuming you want to be an admin again, #3 will be needed, do you want to go for the move to a new account or beg a dev route? Your deleted CI begins with "c0e6" and was from 2007 - this would be useful for either. — xaosflux Talk 03:24, 12 November 2017 (UTC)Reply
    Checkuser needed - QCU request placed to request comparison while there is current data. — xaosflux Talk 15:45, 12 November 2017 (UTC)Reply
    Thank you KrakatoaKatie - next step is up to AuburnPilot. — xaosflux Talk 16:24, 12 November 2017 (UTC)Reply

    Move access

    From: AuburnPilot
    To: AuburnPiIot

    Thanks again, all! By random chance, my admin account was still logged in on the PC in my home office, but I'm still unable to disable the two factor authentication since I can't generate a code. Once this login token expires, I'll be right back in the same spot. It seems like the easiest option would be to simply move the admin access to a different account. Xaosflux: do you think it would be too confusing to flip the bit on the sock account (User:AuburnPiIot) I was using above? Thanks, --auburnpilot talk 23:14, 14 November 2017 (UTC)Reply

    • That is possible - standard 24 hour hold for community comments. — xaosflux Talk 00:51, 15 November 2017 (UTC)Reply
    • No issues with this at all I think we can file this under purely routine housekeeping. With 2FA this sort of thing is going to happen from time to time. Because my 2FA is limited to a single device I am always worrying that if something were to happen to it I might get locked out. To that end I have the emergency log in codes in a separate place and I created another account w/o administrator rights so I could log in in case I did not have immediate access to my computer. -Ad Orientem (talk) 02:10, 15 November 2017 (UTC)Reply
      @Ad Orientem: if you saved your initial two-factor secret key (or re-register and get a new one) you can activate your 2FA on multiple devices. Storing those scratch codes securely is wise! — xaosflux Talk 04:33, 15 November 2017 (UTC)Reply
    • Responding to advertisement at WP:AN, no issues as well. AuburnPilot has confirmed that this is them using the original account and by CU. ansh666 03:39, 15 November 2017 (UTC)Reply
    • No concerns. TonyBallioni (talk) 03:43, 15 November 2017 (UTC)Reply
      • While asking a dev to disable 2FA is an option, I actually think the preferable option is a transfer of rights. I get the scrutiny part, but we should not make it a practice to recommend dev's undoing 2FA, even when CU confirms that the accounts are the same. It is meant to be difficult to break for security reasons, and setting as a principle that we do not disable it except under very rare circumstances beyond the person's control would be a good thing. Since this is also the preference of AuburnPilot, we should just transfer the access between accounts. TonyBallioni (talk) 15:43, 15 November 2017 (UTC)Reply
    • No concerns - any account which can prove themselves to be the same person may ask to have the rights transfered to it. We approve the person at RFA, not the account. עוד מישהו Od Mishehu 08:19, 15 November 2017 (UTC)Reply
    • No worries about this, but we do need a better way of dealing with lost 2fa and transferring 2fa to a new device. It's there anything in phab already related to this? GoldenRing (talk) 08:32, 15 November 2017 (UTC)Reply
      Does not seem to be the case.--Ymblanter (talk) 08:38, 15 November 2017 (UTC)Reply
      Transferring 2FA to another device is not hard. I've done it multiple times with my device. It's just that people don't always remember to do so. This is WHY the instructions tell you to print and safeguard the scratch codes, which provides further evidence that people don't read instructions. :) phab:T100375 and related tickets capture some of the problems with regard to problems and the recovery processes. There are also several community wishlist proposals on the topic of 2FA, which I encourage you to vote for when the voting process begins. —TheDJ (talkcontribs) 12:37, 15 November 2017 (UTC)Reply
      @TheDJ: I recently went through four phones in about a month (due to a series of ridiculous incidents involving badminton, OTA updates and alcohol). Each time, I had to disable 2FA and re-enable it to transfer from one phone to another. Unless I missed something in the process, disabling and re-enabling 2FA makes all your existing scratch codes useless and it generates you a new set. So every time you want to move to a new device, you have to redo your scratch code storage.
      Other providers who use 2FA have a way of transferring code generation from one device to another, so long as you both know the password and have either a scratch code or a working code generator. GoldenRing (talk) 13:54, 16 November 2017 (UTC)Reply
      @GoldenRing: you should be able to store and reuse your 2FA secret to add additional devices. What is difficult is that it is only shown during enrollment. — xaosflux Talk 14:13, 16 November 2017 (UTC)Reply
    • No concerns. Boing! said Zebedee (talk) 13:46, 15 November 2017 (UTC)Reply
    • No concerns. Except for the detestable blue and orange in the editor's sig. Tiderolls 13:54, 15 November 2017 (UTC)Reply
    • Recovering/disabling the 2FA seems like a better option to me, otherwise no concerns. Κσυπ Cyp   14:32, 15 November 2017 (UTC)Reply
    • No concerns, although getting dev to disable the 2FA does seem like a better option because of the history. Being an admin, this is likely more important than not, for the ease of researching past actions, etc. I would strongly prefer the dev route if possible. Dennis Brown - 15:32, 15 November 2017 (UTC)Reply
    • Ha, AuburnPilot is still around! NO BLOCK AND DESYSOP JUST TO PISS HIM OFF AND RESTORE AFTER IRON BOWL! Bwahaha. Also, this has me worried a little bit--if I have a similar screw-up I'm not sure what I would do. Drmies (talk) 15:41, 15 November 2017 (UTC)Reply
    • No Concern and I'd suggest that we probably have enough comments above for the rights to be switched now. Pedro :  Chat  17:48, 15 November 2017 (UTC)Reply
    • Concern as a matter of procedure. I would prefer that AuburnPilot recovers their original account through Phabricator. The Wikimedia Foundation has technical staff with a lot more tools at their disposal than what CheckUsers have to determine if the original owner is in control of the account. Why not leave this to the experts? Now, I am sure that AuburnPilot and AuburnPiIot are the same person. I just don't think that a vote of random community members is how this sort of case should be handled. -- Ajraddatz (talk) 20:58, 15 November 2017 (UTC)Reply
    • Thanks to everyone who has taken the time to comment! I haven't been too active recently but it's good to be back around the site. Reading all the comments above, I see some concerns regarding admin access being moved from one account to another. My preference is simply for whatever is easier for those required to do the work cleaning up my mistake in not maintaining the authentication access for the account. From my chair, it seems easier to move the access but I'm not familiar with Phabricator and haven't the slightest clue if the devs would be willing to remove 2FA. Regardless, I'm open to whatever option requires the least inconvenience on others! Best, --auburnpilot's sock 21:20, 15 November 2017 (UTC)Reply
      I think it's just me concerned with moving the access. Moving access is certainly the easier option, and there is clear consensus here for that to happen. But I still feel that account security issues should be handled by the people who are paid to handle account security issues, rather than decided by a vote of 15 people with limited access to the information required to make an informed comment on the situation. -- Ajraddatz (talk) 21:49, 15 November 2017 (UTC)Reply
    • @AuburnPilot: would you please open a phab ticket to request a 2FA disabled, reference this conversation. Should it be delayed or refused, access moving is still on the table. — xaosflux Talk 23:54, 15 November 2017 (UTC)Reply
    •   Done @AuburnPilot: as there has been plenty of time and you have successfully recovered your account I've restored your prior +sysop bit, the move is no longer needed. @Ajraddatz: and @Cyp: your process points are important, but I think they are bigger than enwiki. Other then phab:T85706 a meta: discussion may be the place to drive this forward, as it is a global issue. — xaosflux Talk 03:06, 16 November 2017 (UTC)Reply

    FYI

    I dropped the sysop bit for a while and this automatically removed 2FA (which is not enabled for ordinary users). So all that's actually needed if this happens again I think is to desysop, gain access to the account and request resysop, then set up a new 2FA. That's what happened for me, anyway. The original 2FA token was no longer usable. Guy (Help!) 13:00, 17 November 2017 (UTC)Reply

    @JzG: removing a group from a single project should not deactivate your global 2FA setting. Are you sure this is what happened? When was it? I can go test on test2 later to see if it is a bug. — xaosflux Talk 13:44, 17 November 2017 (UTC)Reply
    Pretty confident, yes - but I have no advanced rights anywhere else. Guy (Help!) 15:53, 17 November 2017 (UTC)Reply
    Just FYI - I just went through the entire process with my alt account User:Xaosflux_ep via test2wiki: Made it an admin; had it enroll in 2FA; removed admin access :: 2FA did not get removed based on this change. The account was still able to unenroll using the normal process. 2FA is 'enabled' for all users, but 2FA 'enrollment' is not available for all users. @JzG: the symptom you reported is unexpected. — xaosflux Talk 16:10, 17 November 2017 (UTC)Reply
    Guess I'm special :-) Guy (Help!) 17:37, 17 November 2017 (UTC)Reply

    Resignation from the Arbitration Electoral Commission

    The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.


    Since self-nominations for the Arbitration Committee Elections December 2017 started, and I am unfortunately still listed as a party of a pending ArbCom case, I obviously can not serve on the Electoral Commission per WP:INVOLVED. I thereby resign and request the bureaucrats to call one of the two reserve commissioners. Thank you.--Ymblanter (talk) 08:46, 12 November 2017 (UTC)Reply

    Thank you for the update, I endorsed some candidates, but commission selection had already named User:DoRD as the first successor. DoRD, are you still willing to perform this function? — xaosflux Talk 15:10, 12 November 2017 (UTC)Reply
    Thanks for the ping, and I'm in contact with the two remaining commissioners. ​—DoRD (talk)​ 16:18, 14 November 2017 (UTC)Reply
    @DoRD: Is that a "yes" ? — xaosflux Talk 16:30, 14 November 2017 (UTC)Reply
    Oh, sorry, yes it is. ​—DoRD (talk)​ 16:39, 14 November 2017 (UTC)Reply
      Donexaosflux Talk 18:17, 14 November 2017 (UTC)Reply
    The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

    Request for removal of my admin rights

    I'm sad to have to ask this but I'm not realistically going to have enough free time in at least the next couple years to be really active here and I don't want to potentially create a problem for the site. I just saw the bot's notification that I haven't been active in a year and I think that's as good a sign as any that I should give them up. I realize I can probably do so myself, but honestly I can't remember how. . :-) I've already updated my user page accordingly. Thanks for your help! Thingg 13:01, 17 November 2017 (UTC)Reply

    I object =( –xenotalk 13:04, 17 November 2017 (UTC)Reply
      Done Thank you for your service. If you come back before too long you can stop by here to reactivate. — xaosflux Talk 13:39, 17 November 2017 (UTC)Reply