User talk:Richwales/Archives/2019-05

This page is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page.

ArbCom 2019 special circular

Latest comment: 5 years ago1 comment1 person in discussion

Administrators must secure their accounts The Arbitration Committee may require a new RfA if your account is compromised. Use strong, unique passwords for your Wikipedia account and associated email Change your password now if your Wikipedia account password or email password is reused on another website, exposed, or weak Enable two-factor authentication now for improved security

View additional information

Why have I received this message? All administrators are receiving it. What prompted you to send this message? Recently, several Wikipedia admin accounts were compromised. The admin accounts were desysopped on an emergency basis. In the past, the Committee often resysopped admin accounts as a matter of course once the admin was back in control of their account. The committee has updated its guidelines. Admins may now be required to undergo a fresh Request for Adminship (RfA) after losing control of their account. What do I need to do? Only to follow the instructions in this message. Check that your password is unique (not reused across sites). Check that your password is strong (not simple or guessable). Enable Two-factor authentication (2FA), if you can, to create a second hurdle for attackers. How can I find out more about two-factor authentication (2FA)? You can find out more about 2FA at m:2FA.

This message was sent to all administrators following a recent motion. Thank you for your attention. For the Arbitration Committee, Cameron11598 02:27, 4 May 2019 (UTC)

Missed one

Latest comment: 5 years ago3 comments2 people in discussion

Hello R. Thanks for your cleanup on the article. The BLP problem still shows in this edit summary though the edit itself is okay. Best regards. MarnetteD|Talk 16:38, 4 May 2019 (UTC)

Fixed now. Thanks for catching this. — Richwales (no relation to Jimbo) 16:52, 4 May 2019 (UTC)

And thank you for the followup. Cheers. MarnetteD|Talk 18:47, 4 May 2019 (UTC)

Administrator account security (Correction to Arbcom 2019 special circular)

Latest comment: 5 years ago1 comment1 person in discussion

ArbCom would like to apologise and correct our previous mass message in light of the response from the community.

Since November 2018, six administrator accounts have been compromised and temporarily desysopped. In an effort to help improve account security, our intention was to remind administrators of existing policies on account security — that they are required to "have strong passwords and follow appropriate personal security practices." We have updated our procedures to ensure that we enforce these policies more strictly in the future. The policies themselves have not changed. In particular, two-factor authentication remains an optional means of adding extra security to your account. The choice not to enable 2FA will not be considered when deciding to restore sysop privileges to administrator accounts that were compromised.

We are sorry for the wording of our previous message, which did not accurately convey this, and deeply regret the tone in which it was delivered.

For the Arbitration Committee, -Cameron11598 21:04, 4 May 2019 (UTC)

As the protection expired

Latest comment: 4 years ago5 comments2 people in discussion

Hello RW. You may remember the BLP roblems on the Jim Cummings (edit | talk | history | links | watch | logs) article a couple weeks ago. After your protection expired they resumed. I can file a new WP:RFPP but I thought I'd make you aware of this first. MarnetteD|Talk 18:50, 18 May 2019 (UTC)

The semi-protection I added to the Jim Cummings article is, in fact, still in effect. However, the latest problem edit was done by a user who, although relatively new, has just barely passed the criteria for autoconfirmation. I'll look into the issue further. — Richwales (no relation to Jimbo) 23:53, 18 May 2019 (UTC)

D'oh. Apologies for missing the protection info. I don't know whether the post is still up for r/d. Has the fact that the story has been in the news for several days changed the situation? MarnetteD|Talk 00:30, 19 May 2019 (UTC)

I've revdel'ed the offending edit. Full suppression (oversighting) feels like overkill to me at the moment, though I might change my mind and won't put up a fuss if someone else decides to suppress. — Richwales (no relation to Jimbo) 00:35, 19 May 2019 (UTC)

Thanks for the explanation. Enjoy the rest of your weekend :-) MarnetteD|Talk 00:45, 19 May 2019 (UTC)