ArbCom 2019 special circular

 
Administrators must secure their accounts

The Arbitration Committee may require a new RfA if your account is compromised.

View additional information

This message was sent to all administrators following a recent motion. Thank you for your attention. For the Arbitration Committee, Cameron11598 02:23, 4 May 2019 (UTC)

Administrator account security (Correction to Arbcom 2019 special circular)

ArbCom would like to apologise and correct our previous mass message in light of the response from the community.

Since November 2018, six administrator accounts have been compromised and temporarily desysopped. In an effort to help improve account security, our intention was to remind administrators of existing policies on account security — that they are required to "have strong passwords and follow appropriate personal security practices." We have updated our procedures to ensure that we enforce these policies more strictly in the future. The policies themselves have not changed. In particular, two-factor authentication remains an optional means of adding extra security to your account. The choice not to enable 2FA will not be considered when deciding to restore sysop privileges to administrator accounts that were compromised.

We are sorry for the wording of our previous message, which did not accurately convey this, and deeply regret the tone in which it was delivered.

For the Arbitration Committee, -Cameron11598 21:03, 4 May 2019 (UTC)