Editors in this thread appear to be of the opinion that is is permitted to link to websites which violate copyright so long as it is the official website of the subject of the article. Citing WP:COPYLINK:

In articles about a website, it is acceptable to include a link to that website even if there are possible copyright violations somewhere on the site.

This is at odds with WP:ELOFFICIAL:

These links are normally exempt from the links normally to be avoided, but they are not exempt from the restrictions on linking.

WP:ELNEVER in turn states:

material that violates the copyrights of others per contributors' rights and obligations should not be linked, whether in an external-links section or in a citation

Furthermore, copyright violations is part of the TOU and is therefore not an issue which is subject to consensus.

Simply put, if there is a local policy that permits copyright violating links, then the local policy is wrong, and should be changed or ignored. GMG^talk 14:31, 16 October 2018 (UTC)[reply]

• The official website link itself does not violate copyright. Same reason while why some youtube links violate copyright that does not mean we can't link to "youtube.com" or other youtube links. Technically, one could also link to sci-hub pdfs of public domain material etc Galobtter (pingó mió) 14:41, 16 October 2018 (UTC)[reply]

• And YouTube has a regime in place to detect and remove copyright violating material, even if it lags behind uploads. This is not the case when linking to a site for which the violation of copyright is their core purpose, and who is frequently changing domains in order to avoid enforcement of copyright laws. Linking to such as sight is helping to bypass the copyright protections they are trying to avoid, and is therefore contributory copyright infringement. GMG^talk 14:54, 16 October 2018 (UTC)[reply]

• I have yet to find anything indicating that simply linking to a website that contains copyrighted material on one of its other pages has been ruled contributory copyright infringement. Directly linking to copyrighted material on another page definitely has, but the homepage of a service that simply can be used to obtain copyrighted material? Seems more like original research than anything explicitly established in policy. --tronvillain (talk) 16:58, 16 October 2018 (UTC)[reply]
• There are plenty of old copyright violations on Youtube. As a matter of fact, I'm listening to one right now, and furthermore it's easily reachable using Youtube's native search, in much the same way that copyright violations are accessible on Sci-Hub using that site's search bar. Daß Wölf 02:07, 17 October 2018 (UTC)[reply]

• There's no conflict with WP:ELNEVER: no material that violates the copyrights of others is being linked to. Unless you can tell us how to click through to copyrighted material from those pages? --tronvillain (talk) 15:08, 16 October 2018 (UTC)[reply]
  • This is the crucial point - the mainpages of Sci-Hub and The Pirate Bay do not contain any copyrighted material. SmartSE (talk) 15:10, 16 October 2018 (UTC)[reply]
    • And unlike The Pirate Bay, you can't browse to anything on Sci-Hub. --tronvillain (talk) 15:13, 16 October 2018 (UTC)[reply]
      • Yes, you can. Note the dozen-plus links to journals on their home page, because it is a website whose purpose is to violate copyright. GMG^talk 15:15, 16 October 2018 (UTC)[reply]
        • I'm not seeing a "dozen-plus links to journals on their home page", and I'm looking pretty carefully. There's the search area, the "About" section, the "Ideas" section, the "Community" section, the "Donate" section, and some share buttons. Where are these links? --tronvillain (talk) 15:26, 16 October 2018 (UTC)[reply]
          • Are you looking at their original website, or one of the dozen alternate domains they've registered to circumvent copyright law? GMG^talk 15:31, 16 October 2018 (UTC)[reply]
            • I'm looking at the pages you removed. Unless for some reason we're talking about different websites that weren't being linked to? --tronvillain (talk) 15:35, 16 October 2018 (UTC); edited 15:46, 16 October 2018 (UTC)[reply]
              • Regardless, the claim that the link is not copyright violating is hollow when the entire point of the site linked to is to violate copyright. GMG^talk 15:53, 16 October 2018 (UTC)[reply]
                • So these links you're talking about don't exist in the pages you removed? Great, I'm not just missing something obvious. It's really not hollow, when the policy you're citing is about linking to material that violates the copyrights of others, not to websites that can potentially be used to obtain such material. --tronvillain (talk) 16:00, 16 October 2018 (UTC)[reply]
                  • Except that courts have ruled that providing a service by which the public can easily and illicitly access copyrighted works is itself copyright violating. GMG^talk 16:07, 16 October 2018 (UTC)[reply]
                    • So, you're arguing for expanding WP:ELNEVER beyond not linking to copyrighted material to not linking to anything that might provide be used to access copyrighted material? I thought you were arguing for changing WP:COPYLINK, but okay. --tronvillain (talk) 16:21, 16 October 2018 (UTC)[reply]
                      • ELNEVER covers material that violates the copyrights of others. There is no change to ELNEVER necessary. There is already precedent that these services themselves, including this service in particular is copyright violating. GMG^talk 16:24, 16 October 2018 (UTC)[reply]
                        • That decision clearly says that Sci-Hub violated the American Chemical Society's copyright by distributing their copyrighted material, but it doesn't follow from that that their homepage in and of itself constitutes material that violates the copyrights of others. That particular interpretation presumably needs some consensus, or a clarification of the terms of use. --tronvillain (talk) 16:58, 16 October 2018 (UTC)[reply]
                          • The Pirate Bay ruling above does clearly state that these services qualify as a public broadcast for the purposes of copyright. The services themselves are copyright violating, and these sites serve no other purpose other than to facilitate the violation of copyright. GMG^talk 17:03, 16 October 2018 (UTC)[reply]
                            • Really? No other purpose? How do you explain the following link to a torrent of the GIMP v5.12 Open Source Image Editor, downloaded from The Pirate Bay? [1] --Guy Macon (talk) 13:31, 25 October 2018 (UTC)[reply]

                              Yeah, the "torrent sites = piracy" canard is silly. All sorts of things are distributed on them, including public domain material, and copyrighted material explicitly permitted to be distributed on them. It goes from silly to sillier when people try to blame the medium itself, the BitTorrent protocols.  — SMcCandlish ☏ ¢ 😼  20:39, 13 November 2018 (UTC)[reply]

                              • Example text Yes, we are all very lucky that these sites are being dragged through court, banned in multiple countries, constantly having their domains shut down and relocating, all so they can bravely provide us with legal content. (Didn't Pirate Bay try to buy their own nation once?) God bless them. God bless them every one. GMG^talk 20:47, 13 November 2018 (UTC)[reply]

• It seems to me that this is a question that should be bumped up to the WMF’s attorneys. Blueboar (talk) 16:46, 16 October 2018 (UTC)[reply]
  • You might be right there. --tronvillain (talk) 16:58, 16 October 2018 (UTC)[reply]
    • I'm not sure we're going to get much more than a boiler plate statement, but ping User:Jrogers (WMF) anyway in case they'd like to weigh in. GMG^talk 18:03, 16 October 2018 (UTC)[reply]
• Why would we link to a site that is known solely for hosting copyright material illegally? This link has no encyclopaedic utility. What are people going to do if they click the link? All they will find there is self-serving claims by a site that is, bluntly, criminal. Guy (Help!) 11:01, 17 October 2018 (UTC)[reply]

@JzG: Sci-Hub probably has more "encyclopedic utility" than Wikipedia. And saying "what are people going to do if they click the link?" is no different than saying "what will people do if they read the article?" Or "what will people do if they hear the name?" Obviously, they might look for it. Gee, that would be a shame. Violating "intellectual property" is the same kind of illegality as violating a slave-owner's carnal property. Wnt (talk) 01:26, 18 October 2018 (UTC)[reply]

What rot. The link on the Sci-Hub article is largely decorative. Clicking it says less about the site than we do because it presents the site from a perspective that is objectively incorrect. Contributory copyright infringement is also a thing. Guy (Help!) 16:02, 22 October 2018 (UTC)[reply]

Looking at the site is an objectively incorrect way of learning about the site? A link is "decorative" ... and that's why you're fired up to delete it? If what you say has a meaning, I'm not convinced at this point. Wnt (talk) 02:58, 27 October 2018 (UTC)[reply]

• If the site's reason to exist is to distribute material clearly against copyright, we should not link to it at all. Site's where copyright violations may exist but that is not the reason or function of the site and particular now due to actions of the site's operators, like YouTube or Researchgate, we can link to. --Masem (t) 11:13, 17 October 2018 (UTC)[reply]

  Masem - What's your opinion when this is say, the official site of the subject in question. For instance, we have an article on The Pirate Bay, which has a official website to that page. Pages like WireShare also have a similar page setup. Lee Vilenski ^{(talk • contribs)} 11:24, 17 October 2018 (UTC)[reply]

  I removed the links on the Pirate Bay article also, but was reverted. GMG^talk 11:26, 17 October 2018 (UTC)[reply]

  If it is the official site, we should not include and probably have a message why no link is included. Wires are seems to be a client that can be used to violate copyright, but requires users to give that material, so it's less of a prolem. --Masem (t) 11:31, 17 October 2018 (UTC)[reply]

  Wireshare/Limewire is an opensource P2P client. By that reasoning literally every P2P client can be said to be 'used to violate copyright' - as can every web browser, archive tool (winrar) etc. The difference is that Pirate Bay exists only to provide direct links to copyright infringing material (with a smidgeon of public domain) and SciHub similar (and actually hosts copyright infringing material itself). Only in death does duty end (talk) 11:36, 17 October 2018 (UTC)[reply]

  And the 'official' link, if it can be called such on wireshare is to its source page at github. Github hosts a huge array of opensource projects. I dont think anyone is going to suggest we start removing github links as it enables copyright infringement are they? Only in death does duty end (talk) 11:40, 17 October 2018 (UTC)[reply]

• Include these links is my official vote. The text in the "Restrictions on linking" section should be taken to mean that you should not include a link if and only if clicking the link would directly cause the user to download [including as extended content directly included within a web page] copyright-infringing material. Not because he might find out more about how or where to do so or read some philosophy or download some program that might make it easier for him to decide to do so. Wnt (talk) 01:29, 18 October 2018 (UTC)[reply]

• That would be a reasonable interpretation of both WP:ELOFFICIAL and WP:COPYLINK. Hawkeye7 (discuss) 01:34, 18 October 2018 (UTC)[reply]

• I also vote that these links should be included: It should not be the role of Wikipedia editors to police the copyright behaviour of readers. If clicking on a link does not automatically trigger a copyright violation, and if there is no clear instruction from WP legal that this is not permitted, then Wikipedia users should be entrusted to make their own decisions with the information available.Kyle MoJo (talk) 08:51, 19 October 2018 (UTC)[reply]

• If it is legal under US law for Wikipedia to link to the homepage of these websites, then these links should be included as they are for any other website. If we permit ourselves to censor links based on moral objections to the site's contents (as opposed to legal objections) then this will be a never-ending debate. (Which objectionable site's official links should we remove next, Pornhub's, AlphaBay's?) Sizeofint (talk) 15:50, 19 October 2018 (UTC)[reply]

• I think there's a distinction to be made between linking to a page that is itself a copyright violation, and linking to a service that sometimes hosts copyright violations somewhere on it. For me, the difference is between linking to the main YouTube page (which has no copyright violations) and linking to a video on YouTube that is itself a copyright violation. If the page we link to is itself kosher, there's no reason we shouldn't link to it (provided it meets other policies and guidelines, yada yada). --Jayron32 16:14, 19 October 2018 (UTC)[reply]

That misses the main thrust of the issue though. YouTube is a legitimate site that happens to have some copyrighted material on it (so is Wikipedia if we're being honest). No one is raising a fuss in that regard. The problem is when we have a site whose core purpose is the violation of copyright, and which courts have ruled are in-and-of themselves copyright violating services. That's potentially legally problematic, especially for sites that have been blocked in multiple countries, and for whom our article is likely higher in search results than their actual website.

I don't expect legal to actually give us an opinion on the matter, although I have emailed them and notified them of this thread. (Legal, in my experience, doesn't express much of an opinion on copyright unless they have a takedown notice in hand.) But just because legal won't preempt themselves in public on an issue they may have to one day argue in court, doesn't mean this doesn't have foreseeable potential legal implications. GMG^talk 00:06, 20 October 2018 (UTC)[reply]

I think the en.wiki community is neither required, nor particularly competent, to judge fine legal niceties like this. If the Foundation lawyers are worried about it, they'll let us know; it's certainly been pointed out to them. If they're not, I don't see why we should be. --Trovatore (talk) 00:18, 20 October 2018 (UTC)[reply]

Even if there is some lawsuit out there by the ACS (one of the worst offenders in terms of paywalled articles), that would only speak to their liability to ACS about ACS articles according to a court far from Sci-Hub's own country. A private lawsuit between those parties could not have produced an overall determination of the "core purpose" of the site as some kind of law or regulation that everyone else is supposed to know about or follow. I think that the core purpose of the site is obvious: it is meant to allow people all over the world to share the text of articles to which they have access with people who express their interest; in other words, it is an interlibrary loan site very similar in nature and operation to WP:WikiProject Resource Exchange or ResearchGate, though more efficient. While American Chemical Society may be eager to extract a few dollars from peasants particularly desperate to see some article, this foolish crusade comes at a substantial cost -- because what is the ordinary voter going to do who hears about a chemical controversy and runs into a paywall telling him he's not allowed to see the publicly funded science for himself? He is going to do what any intelligent person would do in that situation and conclude that "chemicals are bad for you." You can't blame a person for having a stupid point of view when you have hired guns standing over him to force him to be stupid. But I digress. Wnt (talk) 20:44, 20 October 2018 (UTC)[reply]

Interlibrary loan terms are agreed to in contracts and subscription packages, and have various restrictions (and generally a charge on the part of the borrowing library, explicitly to protect copyright). Sci-hub, by it's own admission, has none of that. Every source agrees that it's intentionally and knowingly violating copyright laws on the articles. There's never been a colorable legal argument made by Sci-Hub or any of its defenders to the contrary; indeed, part of its justification is that those laws are unjust, harmful and deserve to be defeated, but not that they aren't being violated as they currently exist. That's it's whole reason for existence. The fact that I think modern copyright law is insane (which it is) doesn't change that it is the law at the moment.Just a Rube (talk) 11:46, 22 October 2018 (UTC)[reply]

To the best of my knowledge, any such guidelines are not universally followed even in the United States, and it is worth noting that Sci-Hub is not in the United States and is free to follow whatever legal standards its country adopts for Fair Use. The site has not been shut down, its maintainers have not been arrested, and so the only question is whether your national network is going to censor foreign traffic because it contains dangerous information, or ban local discussion of how to access such networks. Wnt (talk) 03:10, 27 October 2018 (UTC)[reply]

• No link the site's entire purpose is to violate copyright law. There is no non-infringing purpose behind it. Anyone who wants to find the site can find it easily without including a link.Just a Rube (talk) 11:46, 22 October 2018 (UTC)[reply]
  • Really? No non-infringing purpose? How do you explain the following link to a torrent of the GIMP v5.12 Open Source Image Editor, downloaded from The Pirate Bay? [2] --Guy Macon (talk) 13:31, 25 October 2018 (UTC)[reply]
    • Given that Gimp is only at v2.10, one has to ask out legit that is. It is known that software pirates often rename files to mask what they offer, this looks like such a case. --Masem (t) 13:36, 25 October 2018 (UTC)[reply]
      • I don't want to delve into nitty gritty of version numbers of package components, so I'll just cite Darkwood, TPB AFK, 3D printer data distributed on Pirate Bay. I'm sure there are other "legitimate" uses. (Well, you can argue the last isn't legitimate since the data is banned in the U.S. under the 1st and 2nd amendments, but Pirate Bay isn't in the U.S., and the U.S. actually targeted one person only, so... but Wikipedia made me take out Infowars' link to the topic that came up, because you know that's fake news ... computers are all about the owner of the computer telling everyone else what to do for no reason at all, so I shouldn't be surprised at any of you any more. You live to serve your Master, period.) Wnt (talk) 03:29, 27 October 2018 (UTC)[reply]
• Do not link to any dedicated copyright violating service. I'm not above admitting to using Sci-Hub, or the Pirate's Bay on occasion, but that should not be taken as any sort of push to legitimize them. If there is no other significant service offered by the site, then there is no encyclopedic value offered by including the link. Peer-to-peer networks and clients are not dedicated copyright violating services, but -like YouTube or google image search- are services which are frequently misused for that purpose. ᛗᛁᛟᛚᚾᛁᚱPants Tell me all about it. 12:43, 22 October 2018 (UTC)[reply]
• Yes link. The purpose of the link is key. You can't use a link to point to infringing content relevant to some article, but of course you can use a link to identify and access a site itself. Alsee (talk) 01:27, 25 October 2018 (UTC)[reply]

• Yes link - Linking to a domain is not infringeing copyright. What our readers do once they navigate to a site is up to them. It would be pretty stupid for a website article not to have the URL - it's one of the fundamental pieces of information about the topic and we are not meeting our readers' expectations if we do not include them. If there are legal issues with us linking to the, them WMF legal will let us know, but the fact that these links have been present so long indicates that they are not. SmartSE (talk) 12:11, 25 October 2018 (UTC)[reply]

• Yes Link. Even a site like The Pirate Bay has legitimate uses. For example, it is the fastest way to download older versions of Slackware Linux. And a site like Google can easily be used to find copyright-infringing material. --Guy Macon (talk) 12:36, 25 October 2018 (UTC)[reply]
• No link - It’s not just that the admitted purpose of the site is to violate copyright, and linking to the site aides and abets illegal activity; but the site is used for spreading malware. O3000 (talk) 13:25, 25 October 2018 (UTC)[reply]

• Yes Link. It seems like a silly political statement to leave the link missing and looks like an error.Sushilover2000 (talk) 14:29, 25 October 2018 (UTC)[reply]
• Well here's the Foundation Legal response:

I'm a bit late replying, but thought I'd offer a couple thoughts. First, the actual legal doctrine is nigh-impossible to do anything with. Links like this vary by country, and the current doctrine in Europe asks questions about the specific knowledge of the person doing the linking and whether the link is for commercial purposes, among other things. I would suggest that the Foundation is not going to overrule the community if people think that specific links are appropriate and important for an encyclopedia article on a notable topic, but there is a chance we could receive legal demands in specific cases that cause us to have to change something, which we would evaluate on a case by case basis if it came up. Also, just as a matter of community good will, if you know that a particular Wikipedia page is being used as a hub to facilitate copyright infringement for some reason, it's probably good to make changes to prevent that, regardless of the specifics of what the law says.

For whatever difference that makes to anyone. GMG^talk 21:25, 25 October 2018 (UTC)[reply]

It means I really regret that Mike Godwin, a couple of months after dissing the FBI on our behalf, somehow ended up bundled off to a loony bin. He was never prone to mumble! Nor would he have been one to contemplate retreating without a fight based on mere demands from the right-placed parties. But that kind of private law isn't something you can try to anticipate -- they're nonetheless saying they'll do whatever whenever, and we can go back to our regularly scheduled article unless and until they make it a ruin. Wnt (talk) 03:04, 27 October 2018 (UTC)[reply]

Also, just as a matter of community good will, if you know that a particular Wikipedia page is being used as a hub to facilitate copyright infringement for some reason, it's probably good to make changes to prevent that, regardless of the specifics of what the law says And what about WP:NOTCENSORED?

• Here is an idea. Forbid any links to any site that may link to any other site that may link to copyright infringing material. That makes it simple: we can set up a bot that removes every citation on Wikipedia. No more arguing about sources if all the sources are removed! The only downside is that the copyright-industrial-complex will say that this is not good enough, and that we need to form death squads to kill suspected infringers. --Guy Macon (talk) 05:44, 27 October 2018 (UTC)[reply]

Your logical fallacy is: slippery slope. This site is dedicated to copyright violation. It's not about some links to a site that might hypothetically link to another site that violates copyright, it's about direct links to a site whose sole reason for existence is the systematic violation of copyright. Guy (Help!) 10:52, 27 October 2018 (UTC)[reply]

From between the serapham, JzG has judged the sole reason for existence of a site. Yup, these sites are only for copyright violation. Unless they're also for distributing documentaries and games legally, as I cited above, or more interestingly, for violating censorship not-laws against making a drawing of a gun that someone could use to program a 3D printer. Really, I think the 3D printing business could be Pirate Bay's biggest draw in a few years, because just think of all the stuff various governments will be looking to ban blueprints for. I mean, what if you could 3D print the little plastic thingamajjig that is absolutely required to close your microwave door and authorize its electronic Brain to allow you to turn it on and which is designed to break every 3 years to make you buy a new one? Making one the right length with the right curve to fit would violate, oh, patents, design patents, business model patents, and copyrights on their mode of operation, right? Somebody gotta ban it, and it'll turn up on Pirate Bay. Or what if you could 3D print eyeglasses that aren't within the legal range of farsightness to be sold cheaply on a rack at the drugstore, undermining the doctors' racket? Somebody gotta ban it. Or what if you could make something to bypass location tricking on a fancy new self-driving car and make it visit a location proles aren't allowed to? It would be out and out terrorism! What if you could download a banner opposing fascism or supporting democracy during the key period before the election in Brazil where such content is taken as obviously partisan against Bolsonaro? [3] Obviously gotta ban that, worldwide. So I see potential for all kinds of Illegal Activities On Pirate Bay that don't fall strictly into the realm of copyright violation. Wnt (talk) 12:49, 27 October 2018 (UTC)[reply]

And according to our Sci-Hub article, that website has a significant amount of public domain content that heretofore was hidden behind paywalls. Sizeofint (talk) 17:01, 27 October 2018 (UTC)[reply]

Foundation Legal isn't stopping us from linking, so legality isn't the issue here. To summarize the above discussion, it seems like those opposed to linking are mostly just making moralistic arguments in favor of attempting to police the behavior of our users. If this discussion is indeed such a moral judgement, then I suppose I'd toss my vote in favor. But of course, I was under the impression that Wikipedia is not censored. Benjamin (talk) 08:24, 3 November 2018 (UTC)[reply]

• "Should not" does not mean "must not". Stifle (talk) 10:05, 5 November 2018 (UTC)[reply]

• Yes Link. The site may indeed contain copyright-infringing material, but I find it unlikely that the site itself is a copyright violation, as some above seem to be arguing. If so, whose code did they copy? If it's that much of a problem, add a warning. --Auric talk 15:11, 12 November 2018 (UTC)[reply]
• Yes link to official websites, no matter their content. --NaBUru38 (talk) 20:20, 16 November 2018 (UTC)[reply]
• Yes, link to official websites regardless of their perceived copyright status. Wikipedia is not censored, and the home pages of official websites generally do not contain copyright violations. Any legal issues (which are highly unlikely) can be resolved through office actions instead of proactive censorship. — Newslinger talk 00:01, 19 November 2018 (UTC)[reply]
• Yes, link unless WMF legal says otherwise. The URL is a "vital statistic" of any website and should be included for the reader's information; providing a link to their homepage is not a way of endorsing or condoning the copyright-violating content. –dlthewave ☎ 19:15, 22 November 2018 (UTC)[reply]
• Foundation Legal isn't stopping us from linking, so legality isn't the issue here. That's... not an appropriate assumption to make. Legal just isn't stepping in until someone issues a complaint. That doesn't mean "legality isn't the issue." — The Hand That Feeds You:^Bite 15:11, 23 November 2018 (UTC)[reply]

Should Wikipedia have one set of criteria about articles on schools up to and including the high school level and a different set for articles on schools of higher education? (I.e. beyond high school, e.g. universities.) -The Gnome (talk) 12:46, 9 November 2018 (UTC)[reply]

Background

This follows a series of discussions and RfCs in other pages, over the years. (See "Links to relevant threads," herebelow.) This RfC tries to take on the issue of school notability and inclusion of schools articles in Wikipedia slowly and piecemeal. It is posted here following the suggestion that the PUMP is the appropriate place for such a broad-policy question. Editors are encouraged to add to the link-sections below if they believe something is amiss.

List to relevant threads

• RfC: secondary school notability (8/1-23/2/2017)
• Discussion: Schools in, forever (21/4/2018-open)
• RfC: Schools' inherent notability (11/10-3/11/2018)

List to relevant policies, guidelines, essays

• WP:N; WP:ORG; WP:NSCHOOL, a sub-section of WP:ORG; WP:SCHOOLOUTCOMES; WP:NHS (essay).

Ping-o-mat

Notifying editors who got involved in past discussions:

• Cordless Larry, Cullen328, King of Hearts, Jbhunley, TonyBallioni, Sandstein, RileyBugz, Rhododendrites, Masem, Alanscottwalker, Jytdog, ansh666, Finnusertop, Edison, Alarics, Wugapodes, ThePlatypusofDoom, Chris troutman, Jonesey95, Starblind, Samwalton9, Ealdgyth, PamD, czar, Aircorn, Peter James, TheCatalyst31, Blackmane, Anne Delong. -The Gnome (talk) 06:24, 12 November 2018 (UTC)[reply]
• Paste, Narutolovehinata5, Only in death, Hullaballoo Wolfowitz, Graeme Bartlett, Kudpung, The Banner, ClemRutter, Beyond My Ken, MelanieN, DGG, Necrothesp, Thincat, SNUGGUMS, Noyster, Seraphimblade, Eustachiusz, Kaldari, Arxiloxos, JaconaFrere, This, that and the other, WhisperToMe, Northamerica1000, Dodger67, Carrite, Alansohn, Spirit of Eagle, Hobit. -The Gnome (talk) 06:24, 12 November 2018 (UTC)[reply]
• Beeblebrox, NewYorkActuary, Mz7, Izno, Reyk, Andrew Davidson, Bbb23, Stevietheman, Scribolt, Unscintillating, Nick-D, Enterprisey, MB, Altamel, Dicklyon, Lankiveil, SkyWarrior, Ad Orientem, Marvellous Spider-Man, Trackinfo, First Light, SMcCandlish, Lemongirl942, Sjakkalle, RGloucester, HandsomeBoy, XXN, David Tornheim, J947, JimMillerJr, John Carter, LindsayH. -The Gnome (talk) 06:25, 12 November 2018 (UTC)[reply]
• Chrisvls, The Whispering Wind, Ivanvector, JzG, Neljack, Bkonrad, Kusma, Just Chilling, Sitush, Carrite, Patar knight, Barry Ne, Necrothesp, DIYeditor, Atlantic306, Insertcleverphrasehere, Egaoblai, Domdeparis, Ravenswing, Galobtter, Alanscottwalker, K.e.coffman, Nosebagbear, Legacypac, Blueboar, AngusWOOF, AReaderOutThataway, Federalist51, Vexations, Redrose64, Paulmcdonald, Milowent, Johnpacklambert, Acnetj, Eastmain. -The Gnome (talk) 06:26, 12 November 2018 (UTC)[reply]

Survey

• No need - Both types of institution should be covered by WP:ORG. Blueboar (talk) 13:09, 9 November 2018 (UTC)[reply]
• No need every possible article which could ever be written is already covered by WP:42. If a SNG contravenes that principle, it is wrong, and if an SNG agrees with it, it is redundant. --Jayron32 04:55, 10 November 2018 (UTC)[reply]
• Remove distinction: they should just comply to WP:NORG. I'd also support removing the pesky exemption from CSD for schools that are patently non-notable. StraussInTheHouse (talk) 16:08, 10 November 2018 (UTC)[reply]
• Need: It is easier with some criteria that can be applied directly to avoid endless discussions about relevant articles that however gets a request for deletion or to avoid creating articles that are clearly not notable. Within sports there are criteria about which competitions or divisions give presumed notability to a player. For schools there are quite good criteria on Swedish Wikipedia (I know that each Wikipedia has its own rules.): sv:Wikipedia:Relevanskriterier#Skolor_och_andra_institutioner_för_lärande and sv:Wikipedia:Att_skriva_om_utbildning#Skolor_och_lärosäten. Hopefully Google translates them reasonable well, but here is a summary:

1. Universities etc: Presumed to be notable
2. Secondary schools: In some cases (old ..) presumed to be notable
3. Primary schools: not notable (should be in the article about the administrative unit to which they belong, as well as the not notable secondary schools)
4. School buildings: if built by some famous architect

The GNG is quite abstract, so there is need for concrete criteria. Per W (talk) 11:10, 11 November 2018 (UTC)[reply]

• No need, using NORG for both, per Blueboar/Jayron32. I will point out there have been past attempts to have school-specific notability guidelines, but these never gained consensus (per what Per W is describing). --Masem (t) 06:32, 12 November 2018 (UTC)[reply]
• Uncertain what to use for specific criteria, if any at all other than WP:GNG. I should however note that simply being verified to exist DOES NOT make any educational institution inherently notable enough to warrant a page. We shouldn't presume something is article-worthy just because it's a college/university/school. Perhaps WP:NSCHOOL could make a more explicit note of this. Snuggums (talk / edits) 06:36, 12 November 2018 (UTC)[reply]
• I'm not sure if we do need a SNG for schools (I'm leaning towards yes), but I'd rather that we don't allow articles on every single secondary school. There has to be a cut-off somewhere. Narutolovehinata5 ^tccsdnew 06:40, 12 November 2018 (UTC)[reply]

• Yes schools are not just ORGs they are a special kind of organization that attract articles. Everyone would like to see their high school and University on Wikipedia. Schools tend to produce notable graduates. They are important infrastructure like highways and town councils and they play an important role in building communities. Wikipedia does a public service by covering schools because it allows some verification that people are listing real schools on their resumes and not diploma mills. I believe every legitimate post sec degree granting school should have a page, while high schools and elementry schools should be covered within a page on their school district. If there is no school district (say an independant/private school) high schools should have pages and elementary schools not. I strongly favor a bright line rule like WP:GEOLAND rather than a fuzzy guideline that results in endless debates about the notability of this or that school, how reliable the sources are and so on. Why is school X notable while school Y across town in the same district is not? Sports and crime stories are going to decide notability if we have a fuzzy rule. Legacypac (talk) 06:41, 12 November 2018 (UTC)[reply]

• "Everyone would like to see their high school and University on Wikipedia". While that may be true for most, I can recall cases at OTRS where teachers have contacted us asking for the article on their school to be deleted because it is a target for vandalism. Just the other day, I removed some highly derogatory content from Berachampa Deulia Uchcha Vidyalaya that had gone unnoticed for more than a year. This is partly why I think we should focus on quality over quantity with schools articles. Cordless Larry (talk) 08:09, 12 November 2018 (UTC)[reply]

• I lean toward "no need" but am open to being convinced otherwise, mainly because of the years of dispute history involving this stuff. In the views of those who think we need special rules for schools, please explain a) why NORG isn't good enough, and b) why it can't just be fixed in NORG instead of in a probably pointless WP:POLICYFORK that we'd be likely to merge anyway. On the above detailed proposition, I don't agree with Per W's summary. No secondary schools are "presumed to be notable". If one is very old and has a richly detailed RS track record, it is notable because of the RS coverage – it is demonstrated not presumed to be notable. I don't think even universities should be presumed to be notable, since various things call themselves universities that are not one. If something with "College" or "University" or "Institute" in its name turns out to be notable it's because we verified the RS coverage of it and demonstrated it to be notable, not because we presumed it was notable. Mountain ranges and heads of state are presumptively notable because of what they are, of their scope in the grand scheme of things. I agree that primary schools are presumptively non-notable, i.e., that it's going to take really strong RS showing to demonstrate that one is. That said, NORG seems to already have all this covered.  — SMcCandlish ☏ ¢ 😼  06:53, 12 November 2018 (UTC)[reply]
  • Comment: Assigning qualitative attributes to higher educational institutions must be the work of sources considered by Wikipedia to be reliable; it's certainly not within an editor's scope of authority since that would be their own, personal judgement. In case no such third-party, independent assessors of higher-education quality exist, we have to decide what to do, in view of what SMcCandlish rightly points out above ("various things call themselves universities that are not one"). -The Gnome (talk) 12:11, 18 November 2018 (UTC)[reply]

    Definitely not an idle concern. I ran into this right before the wikibreak I just returned from (a religious, borderline cult thing that got permission to build a "university" in one country or another, but which is really an indoctrination farm and money-suction device). There is some coverage of it (though probably based on press releases by the religious group and/or the govt. that approved their permits and stuff); an editor unaware of the organization's nature might easily be fooled into assuming it really was an instititution of higher learning. This is very similar to all the charter schools being run by for-profit companies, just with a religious instead of commercial focus.  — SMcCandlish ☏ ¢ 😼  19:30, 18 November 2018 (UTC)[reply]

• Clarification:

1. Universities and colleges: Presumed to be notable
2. Secondary schools (including defunct institutions): Presumed to be notable
3. Primary schools: Some AfD's have been ridiculous and overzealous in squashing notability of some lower level schools that have achieved significant coverage. I am frequently astounded at the serial blindness of a certain class of editors who cannot see a long list of sources, obviously achieving the basics of WP:GNG. Instead they only see the hard gospel of a WP:SCHOOLOUTCOMES, with no room for reason.

Because we have that class of editor roaming the back pages of AfDs (looking to cause trouble), we cannot provide them any further ammunition for their arguments. No wiggle room, no further limitations they can misinterpret as an excuse to censor additional wikipedia content. I will note, on the many school articles I have tried to create or improve, I have not found the same consistent set of sources for school information that are available for other common subjects. Government lists are frequently years out of date and incomplete. Many sources are community generated and don't meet the standard of WP:RS. And the best sources for a specific school ultimately resolve back to WP:PRIMARY where your quality and consistency may vary. I know of probably a dozen or more large schools that have no articles and that have been that way for a decade. Why? The sources to create even the most cursory stub just aren't available to me or anyone else who looks. I've personally written to many schools suggesting they write their own article . . . make it a class project. Tell the world the story of your school and find the local sources to back it up. It has worked a few times, but most of the time it is ignored. With that inconsistency of sources, additional limitations to our criteria are not warranted or useful. Trackinfo (talk) 07:04, 12 November 2018 (UTC)[reply]

Please see my comment just above yours. It's highly dubious that any of these things are presumed notable, certainly not below the university level and even that's iffy because not everything with that word in its name is a legit institution. PS: Deletion is not determined by a conspiratorial cabal of roaming troublemakers, but by general community consensus at AfD. If someone makes compelling arguments for deletion and no one can mount a compelling reason to keep then the article should in fact be deleted. You seem to be making an argument against Wikipedia operating the way Wikipedia operates.  — SMcCandlish ☏ ¢ 😼  14:26, 14 November 2018 (UTC)[reply]

• No need A key problem with having different rules for different tiers of education is that the institutions within those tiers differ wildly. For instance, while US high schools seem to be huge, Australian ones tend to be relatively small (hence a major issue I have with editors who argue that high schools are automatically notable - maybe they are in the US, but not in Australia). The size of higher education institutions in Australia varies from about 73,000 students at Monash University to dozens at some private sector tertiary education providers, so obviously the same rules can't apply to all. WP:ORG does a good job, and there's no need to treat educational institutions in a special way. Nick-D (talk) 07:17, 12 November 2018 (UTC)[reply]
• Please close this before it becomes a huge mess like the last RfC on this issue some things are just best not talked about in a large RfC and are best found out through practice. Divisive issues where massive RfCs have consistently not reached any consensus are one of them. Also, NORG explicitly does not apply to schools as was part of the consensus adopting the new standards. TonyBallioni (talk) 08:38, 12 November 2018 (UTC)[reply]
• No point. This is a battle that was lost over a decade ago, and the notion that secondary schools of whatever size or importance are exempt from any notability standards or sourcing requirements is about as set in concrete as any COMMONOUTCOME on Wikipedia. Waste of time and breath to hash it out yet again. Ravenswing 08:42, 12 November 2018 (UTC)[reply]
• No. In actual fact, the criteria we usually use cover (a) primary and middle schools, and (b) secondary schools and tertiary institutions. We usually consider (b) to be notable and (a) not to be. -- Necrothesp (talk) 08:46, 12 November 2018 (UTC)[reply]

@Necrothesp: where are the criteria that are used? --Per W (talk) 12:41, 12 November 2018 (UTC)[reply]

• No need - Both types of institution should be covered by WP:ORG. But it should be a good idea to get rid of SCHOOLOUTCOMES as it is too often misused as a policy to keep schools, even when horribly written and unsourced. The Banner talk 09:45, 12 November 2018 (UTC)[reply]
• I agree with TonyBallioni, and I think the specific line he is referring to in WP:ORG is The scope of this guideline covers all groups of people organized together for a purpose with the exception of non-profit educational institutions ... (emphasis mine). Mz7 (talk) 12:34, 12 November 2018 (UTC)[reply]

The problem with that highlighted sentence is that the ORG guideline subsequently goes into some detail about schools... in fact it has an entire sub-section devoted to them... so (despite the highlighted sentence) it is obvious that schools ARE considered within the scope of the ORG guideline. I think that sentence will need to be removed, but that is for another discussion. Blueboar (talk) 17:05, 12 November 2018 (UTC)[reply]

Yeah, point taken. Mz7 (talk) 03:39, 13 November 2018 (UTC)[reply]

• No per Necrothesp's comments. Over six years ago I perused 100s of high school AfDs which I compiled in an essay and concluded that no matter what anyone ever says and how many RfCs and dramafest discussions we have, verifiable high school articles that aren't just a one-sentence piece of crap are almost ALWAYS kept. --Milowent • ^hasspoken 12:55, 12 November 2018 (UTC)[reply]

Good survey! So a well-written article (with enough verifiable content) about a high school should be kept. Couldn't we then state somewhere that high schools are presumed to be notable? Then we can avoid lots of discussions. --Per W (talk) 14:39, 12 November 2018 (UTC)[reply]

Note that the phrase "presumed to be notable" does not mean "is inherently notable". A presumption of notability simply means we should give a school article the benefit of the doubt... waiting to delete until we have done due diligence in searching for sources (per WP:BEFORE). Blueboar (talk) 17:05, 12 November 2018 (UTC)[reply]

• It would be interesting to repeat that exercise now, Milowent. Just in the past 24 hours, we've had Wikipedia:Articles for deletion/Kishorchak Banamali High School closed as delete and Wikipedia:Articles for deletion/Shayama Prasad Shikshayatan High School as merge. Cordless Larry (talk) 09:21, 13 November 2018 (UTC)[reply]

Cordless Larry: See, and that's exactly what I was talking about below, about schools in non-English speaking countries. We delete them because we don't have or can't read the foreign-language sources. But I can guarantee you such schools would have been kept if they were in Anglophone countries. In effect, if we insist on GNG for high schools we are institutionalizing WP:Systemic bias. --MelanieN (talk) 10:07, 13 November 2018 (UTC)[reply]

But if we can't read the sources, then I don't see what we can base articles on. I'm also not sure that the issue is about not being able to read the sources, because we have some regular school AfD participants who have the language skills necessary to read local sources, but rather that the sources often don't exist online, so we can't access them. Cordless Larry (talk) 10:10, 13 November 2018 (UTC)[reply]

Cordless Larry: The only thing I've seen changing is that more articles are being created these days for high schools in far flung non-English speaking places without available online sourcing. Those have always candidates for deletion. When the "are high schools notable?!?" debate began 15 years ago with the VfD for Union County Magnet High Schools, editors were debating mainstream large American high schools. E.g., Jimbo Wales made the argument in November 2003 that Randolph School could have an article. No one would dream of sending something like that to AfD today. I screenshotted the article deleted via Wikipedia:Articles for deletion/Kishorchak Banamali High School, it was unsourced, there was no option but to delete. If someone wants to spend their time on wikipedia tracking down stubs to Indonesian and Indian high schools without sourcing, they will get them deleted.--Milowent • ^hasspoken 14:01, 13 November 2018 (UTC)[reply]

Yes, true enough about Kishorchak Banamali High School, which was pretty much my argument there too, Milowent. Some editors will still argue for keep even in such circumstances, however - including admins, which worries me. Cordless Larry (talk) 14:39, 13 November 2018 (UTC)[reply]

• Keep the current understanding: institutions of higher learning (degree granting) and secondary schools (diploma granting) should be presumed to be notable, if there is confirmation of their existence and status. This practice 1) prevents endless arguments because high schools and colleges, like professional sports figures, virtually always turn out in a search to have enough coverage to qualify, and 2) helps to get around our inherent bias against non-English-speaking countries, since even though coverage likely exists, it can be hard to find in the non-English press. MelanieN (talk) 17:24, 12 November 2018 (UTC)[reply]

• (@MelanieN:, where is the current understanding? --Per W (talk) 18:52, 12 November 2018 (UTC)[reply]
• I sincerely doubt that the "current understanding" is that all high schools and above possess inherent notability. But I could be wrong. -The Gnome (talk) 19:57, 12 November 2018 (UTC)[reply]

• Keep as is. Agree with MelanieN on all issues. In fact I'd like to take her comment above and frame it somewhere. Hobit (talk) 18:08, 12 November 2018 (UTC)[reply]
• Different set lower than GNG (Thus NOT NORG) - Secondary schools and definitely accredited universities should be presumed notable status. Classifying them in with WP:NORG is wildly OTT and also sets them a higher level of standards to meet when the circumstances for those stricter requirements is less likely to occur. I haven't marked this as "Keep" like MelanieN since there is such disagreement as well as partial rollback from this position that "Keep" is itself a level of dispute. Nosebagbear (talk) 18:21, 12 November 2018 (UTC)[reply]
• No – GNG suffices. Nothing should be 'presumed' notable. If it doesn't meet GNG, it doesn't belong on Wikipedia. RGloucester — ☎ 03:33, 13 November 2018 (UTC)[reply]

On the contrary, there are many traditional and accepted special guidelines at enwiki that define notability in ways other than GNG - for example, WP:NACADEMICS. This is not a new or startling concept, it is long-established practice; see WP:SNG. There are many special guidelines for specific categories of article that "presume notability" if certain criteria are met - for example, playing a professional sport at the highest level. The rationale behind this presumption is that such people will virtually always be found to have received coverage that meets GNG, so let's just accept that and not get into thousands of individual arguments about it. The nutshell at WP:NSPORTS spells it out very clearly: "An athlete is presumed to be notable if the person has actively participated in a major amateur or professional competition or won a significant honor, as listed on this page, and so is likely to have received significant coverage in reliable secondary sources that are independent of the subject." That is also the rationale behind presuming notability for high schools and colleges. --MelanieN (talk) 09:59, 13 November 2018 (UTC)[reply]

Did you ever consider that perhaps I do not agree with the way such guidelines are used? I'm being asked this question in the context of schools, and in the context of schools, I do not believe anything other than GNG is required. We can discuss sport when someone opens an RfC on that subject. If a school does not meet GNG, it does not need a Wikipedia article. Wikipedia is not a directory. In any case, like others here, I would also be satisfied by bringing schools formally under WP:ORG, if that's preferable. RGloucester — ☎ 15:30, 13 November 2018 (UTC)[reply]

Um... folks... Schools already ARE covered formally under WP:ORG... See WP:NSCHOOLS. Blueboar (talk) 16:04, 13 November 2018 (UTC)[reply]

It seems somewhat ambiguous at the moment, given the "exception of non-profit educational institutions" caveat in the lead. What I meant is that I'd be fine with clarifying WP:ORG to the effect above. RGloucester — ☎ 16:21, 13 November 2018 (UTC)[reply]

For the sports-specific notability guideline in particular, it does not define notability in a way other than the general notability guideline. It provides guidance on when it is highly likely that the general notability guideline can be met with a sufficient search for suitable sources. It was discussed last year in this venue, and the closing statement once again affirmed this in the context of WP:NSPORTS (as has been discussed many times since, the closing statement overstepped in its broader conclusions for all subject-specific notability guidelines). isaacl (talk) 17:13, 13 November 2018 (UTC)[reply]

That's correct, and also applies to virtually all other SNG (subject-specific notability guidelines). There are a handful of divergent ones, like WP:NACADEMIC, and the level of consensus they enjoy is disputed. For the record, I think we need them in some cases when facts about the real world make it otherwise more difficult to have the articles we need – e.g. the fact that mega-influential scientists in their field often get no mainstream news coverage of any kind, just get cited thousands of times by other researchers. But it's a rare divergence from GNG. It will take a lot of community input to figure out whether such a variance should apply to a topic, and will require a community consensus that something is quite different about that topic. We've been over schools so many times I don't think consensus is likely to change in favor of doing so. They aren't different in any salient way from other organizations, other than they inspire some Wikipedians to consider them "important". (Anyone new-ish around here: see WP:Notability/Historical and WP:ITSIMPORTANT for how "include it because it's important" has been received by the community for the last decade and a half.)  — SMcCandlish ☏ ¢ 😼  12:56, 17 November 2018 (UTC)[reply]

• Yes: Need separate standards to facilitate discussion and consensus - Many of the comments above don't answer the question being posed, namely, whether there should be separate standards for high schools and post-secondary institutions. I think there should because it will facilitate a more focused discussion. Even for those think that WP:NOTABILITY, WP:ORG and other guidelines adequately cover the field, should recognize that others disagree and have reasons for that disagreement. Those reasons (and the objections to them) are, I think, different for high schools and universities, and it would be helpful to discuss them separately, acknowledging (at least) the possibility of different guidelines for each. My (admittedly brief) involvement and review of past attempts to reach consensus makes it clear that the differences make discussing any particular proposal more difficult.Federalist51 (talk) 21:36, 14 November 2018 (UTC)[reply]
• Comment There may be some validity to "schools being an important part of the infastructure". However living in Detroit, Michigan I live in a place where there have been several fly-by-night charter high schools, so I am less convinced than some that all schools that are at the high school level are notable. I also have seen way too many articles that have only been sourced to show a place exists survive on the theory better sources could be found, while no one even tries to find such sources. We need much clearer policies.John Pack Lambert (talk) 05:22, 16 November 2018 (UTC)[reply]

  Agreed on both points. We have no policy or guideline suggesting that schools of any kind are presumptive notable, and a clear guideline (WP:NORG#Schools) stating the opposite, yet some AfD respondents persist in trying to presume their notability.  — SMcCandlish ☏ ¢ 😼  12:56, 17 November 2018 (UTC)[reply]

• No need for yet more bureaucracy and instruction creep and oppose the desire and intent to override clear consensus at AFD by shovelling on more and more red tape Atlantic306 (talk) 17:30, 17 November 2018 (UTC)[reply]

  If, instead of vagueness, some kind of "clear consensus" exists either way, it would be most helpful for the conduct of AfD participants, as well as for this RfC's progress, to have hard, arithmetical data. -The Gnome (talk) 12:01, 18 November 2018 (UTC)[reply]

Of what? There's no doubt that we have a clear consensus; it's codified at WP:NORG#Schools. This is rehash is just another thing that needs to be listed at WP:PERENNIAL.  — SMcCandlish ☏ ¢ 😼  19:36, 18 November 2018 (UTC)[reply]

Atlantic306 claims that there is "clear consensus at AfD" (emphasis added], but this is previcely the root of the problem. Although WP:NSCHOOLS seems adequately clear (it's not entirely clear, since it asks for A or B or A&B), the recent historical record in AfDs shows that decisions can go, actually, every which way depending on who takes part in each discussion, what is the subject's nationality, etc. And this is how and why the quest for clarity started. The background is in the links in the Relevant Threads section above. It all has come down to whether or not the criteria should be the same for both high schools and colleges of any kind. And here we are. -The Gnome (talk) 13:59, 19 November 2018 (UTC)[reply]

• Firstly, I find WP:NORG#Schools already bizarre - how on earth would a school (or anything) manage to pass standard WP:NORG while failing GNG? At the risk of partially duplicating my most recent comment at the bottom of the general discussion section the clash(es) between AfD !voters and the general editing body is fairly evident on this topic, as noted above. I'm aware of the marginally consensus RfC and choose not to go against it, but disagree with it - thus I don't cast a !vote on multiple instances. I don't think there is a slippery slope of "the AfD editors are dragging the community" to move the notability requirements to some level lower than GNG/bizarre NORG. Nosebagbear (talk) 15:02, 29 November 2018 (UTC)[reply]

• Secondary schools not notable - These articles are a vandalism magnet and are all but impossible to check because sources are scarce and out of date. The articles contribute considerably to the OTRS workload and are a substantial share of the reverts performed by ClueBot and the various bot-assisted interfaces. There is little to suggest that they offer a meaningful draw to new contributors nor that the articles are themselves valuable to readers. Areas such as staff are particularly difficult, as it is common for the names of adminsitrators to be edited, and difficult to ascertain which of these edits are rare good-faith updates and which are students making themselves or their friends the new principal. The Uninvited Co., Inc. 02:31, 2 December 2018 (UTC)[reply]

General discussion

• FYI, pings don't go above the count of 50. I'd guess the above ping-o-mat didn't get every one (I wasn't hit). --Izno (talk) 13:53, 9 November 2018 (UTC)[reply]

Greetings, Izno. I'd appreciate any help from anyone in fixing this. I should note here that these were not pings per se but mere full-style usernames. Perhaps that helps. Thanks in advance. -The Gnome (talk) 14:02, 9 November 2018 (UTC)[reply]

Linking to userpage is a ping, the above did not go through because the count is above 50. Instead of trying to fix that I would advise to just remove the section, it's unnecessary. –Ammarpad (talk) 14:27, 9 November 2018 (UTC)[reply]

Would it work to break the list into smaller groups of pings? Blueboar (talk) 15:08, 9 November 2018 (UTC)[reply]

Yes, but even then not in one edit. Each smaller group if they'll add up beyond 50 in one edit, it won't work. My rough count shows there's around 120 editors above; so you can ping batch of 40 in 3 separate edits. –Ammarpad (talk) 15:25, 9 November 2018 (UTC)[reply]

Thanks, all. I'll get to it. Take care. -The Gnome (talk) 07:03, 10 November 2018 (UTC)[reply]

Sad to say, that probably didn't work. Each edit has to be signed - see WP:PING Note that the post containing a link to a user page must be signed; if the mention is not on a completely new line with a new signature, no notification will be sent. (Multiple mentions on the same new line with new sig are fine.) 92.19.25.230 (talk) 22:05, 10 November 2018 (UTC)[reply]

Thank you, 92.19.25.230. I did the multiple, signed edits. Take care. -The Gnome (talk) 06:28, 12 November 2018 (UTC)[reply]

Ammarpad, IMVHO the issue is quite important and participants in past discussions on it should be informed of this RfC's opening. Take care. -The Gnome (talk) 07:11, 10 November 2018 (UTC)[reply]

The Gnome's ping worked that time 8 mins ago. Graeme Bartlett (talk) 06:33, 12 November 2018 (UTC)[reply]

Thanks for the confirmation, Graeme Bartlett. -The Gnome (talk) 10:27, 12 November 2018 (UTC)[reply]

I don't know if all the pings worked (I was notified) I just think you should have called it pingamajig. Ivanvector (^Talk/_Edits) 10:33, 12 November 2018 (UTC)[reply]

Noted for next time, Ivanvector! -The Gnome (talk) 13:13, 12 November 2018 (UTC)[reply]

• An obvious thing, maybe, but if language is changed, we need grandfathering of existing school articles , giving them say, 2-3 years of time before they are treated under NORG/GNG under this potential change. --Masem (t) 17:13, 12 November 2018 (UTC)[reply]

Indeed, 24 months is probably the way to go. My heart bleeds at the thought of having a deluge re-enter AfD. Nosebagbear (talk)

• What is the driver in this discussion? What is the problem if a few less notable schools are included - are the servers running out of space? Policies and uniformity should support and enhance the information in the encyclopaedia, not reduce it. As a final aside; when I see the acres of text devoted to arguing fine (if not irrelevant) points I do wonder if the time could not have been better spent working on articles. Martin of Sheffield (talk) 08:31, 13 November 2018 (UTC)[reply]

Greetings, Martin of Sheffield. Wikipedia's policies and guidelines are evidently not driven by web space availability; otherwise, we would have significantly fewer rules and guidelines. The "driver" of this discussion is quite clear, as one could see by diving into past discussions on the issue, linked above. Take care. -The Gnome (talk) 09:44, 13 November 2018 (UTC)[reply]

You haven't explained why you feel the need to remove information though. It reads as if you are just trying to establish rules because you believe there need to be rules. Quoting conflicting policies as if they were reasons appears on the surface to indicate a bureaucratic rather than encyclopaedic approach. I would suggest that a better approach is only to disallow that which harms the encyclopaedia, and I have yet to be convinced that a few lines about an otherwise obscure school (which will of course be notable to many thousands of present and former pupils, parents and teachers) harms the encyclopaedia. Verifiability is important as a safeguard of our credibility but notability is a subjective assessment. Martin of Sheffield (talk) 10:02, 13 November 2018 (UTC)[reply]

Greetings, Martin of Sheffield. I did not express any kind of "need to remove information." Where do you get that? (If what you say comes from a hard inclusionist perspective I will not entertain it much, thank you. It simply does not pay to argue with editors who insist that all information has a place in Wikipedia, e.g. "Come on, some stub article about a non-notable subject does not harm the encyclopaedia".) But, more importantly, if the policies are indeed "conflicting", as you say, isn't this a reason to resolve the conflicts and get clarity? -The Gnome (talk) 05:51, 16 November 2018 (UTC)[reply]

• This is a perennial subject of discussion, and has been for a decade or more. Looking at the list above I see that it has been discussed at least three times in the last year, and this is a fourth. In one of those discussions, namely this one, the closers decided that even though the opinions for-and-against NSCHOOLOUTCOMES were about equally balanced numerically, the conclusion was to overturn that longstanding practice. Then people seized on that one (out of dozens) discussion and its barely-supported* conclusion to change the wording at various guidelines to say that, hey, secondary schools aren't presumed notable after all. Looking at the discussion here, I see that opinion is still about evenly balanced, and that many/most of us were not even aware that the longstanding guideline had been overturned on the basis of one RfC. This is immensely frustrating. How are those of us who care about this supposed to keep up? If I wouldn't have known about this discussion, either, except for the ping-o-mat kindly sent out above (thank you, The Gnome). --MelanieN (talk) 10:33, 13 November 2018 (UTC)[reply]

*Quoting from the closure: "Based on the discussion, we find that the community is leaning towards rejecting the statement posed in the RFC, but this stops short of a rough consensus. Whether or not the community has actually formed a consensus to reject the statement posed in the RFC is a distinction without a difference." --MelanieN (talk) 10:45, 13 November 2018 (UTC)[reply]

• I think we end up in the situation of the community as a whole is roughly evenly balanced, but of the AfD common editors there is a slight majority towards the "easier/assumed school notability" (by coincidence - I don't think the group is school obsessed). Now obviously AfD editors are supposed to follow community consensus, but at a minimum it discourages delete votes (I admit to sometimes just not casting a vote to avoid !voting in line with that RfC that I disagree with). Nosebagbear (talk) 14:54, 29 November 2018 (UTC)[reply]

Sorry to bring this up again, but I never got a good answer the many times I asked:

We upload a logo. It is too big. We reduce it to something like 200x200 so nobody can use it commercially. Then someone tags it for conversion to svg. That format allows it to be any size, high quality, highly reproducible.

Is there a link to the discussion that makes sense of this? Thanks. Anna Frodesiak (talk) 11:45, 12 November 2018 (UTC)[reply]

I don't think anything has changed since you asked this question in 2015 at Wikipedia:Village pump (policy)/Archive 119#Non-free image resolution.

A summary, for those seeing this for the first time: Non-free SVGs have long been a point of contention, and I'm not aware of any past conversations that have reached a firm consensus. Some past discussions include:

• Wikipedia:Village pump (idea lab)/Archive 12#Disallow non-free SVGs
• Wikipedia:Village pump (policy)/Archive 123#RfC: SVG as appropriate format for non-free files?
• Wikipedia:Village pump (policy)/Archive 119#Non-free image resolution

There are generally three factions in such discussions:

1. Non-free vector images are ok as long as they don't contain detail that isn't needed to render at appropriate sizes.
2. Non-free vector images are never ok because simple shapes (such as circles) can be rendered at arbitrary sizes without pixelization artifacts.
3. Non-free vector images are only ok if they were created by the copyright/trademark holder, even if the editor-created SVG generates an image indistinguishable from the official logo when rendered at appropriate sizes.

I subscribe to the first view, and IMO that's the view that mostly has consensus. HTH, although I suspect it doesn't help all that much. Anomie⚔ 14:00, 12 November 2018 (UTC)[reply]

The way NFC had treated these is that the only allowable SVG that are non-free are logos in SVG or equivalent form (like EPS) publicly made available by the company/entity that would have appropriate ownership of that label (for example, a parent company with a subsidiary's logo). The rationale for this is that normally non-frees must be of small resolution, so SVG is already an incompatible format with that. But if a entity publishes its logo in an SVG format, we have allowed that to be uploaded and used as logos. We do not allow any other recreations of non-free logos into SVG from a non-SVG format, so anyone asking for a conversion of a logo to SVG should be immediately denied due to this. Recreations can introduce elements that were not a part of the original logo or mis-represent the logo, and that's a problem. (That's why it's okay with those logos that fail to pass the threshold of originality and fall into uncopyrightable, because their reproduction should not introduce any misrepresentation). --Masem (t) 14:40, 12 November 2018 (UTC)[reply]

I was trying to head off another round of everyone just repeating what they always say... Sigh. Anomie⚔ 03:32, 13 November 2018 (UTC)[reply]

Masem's summary of the NFC take (assuming it's accurate :-) is actually helpful for anyone not already mired in that discussion.  — SMcCandlish ☏ ¢ 😼  11:54, 17 November 2018 (UTC)[reply]

As far as I know Masem's view is just another view, which I had already summarized as #3. As for an "NFC take", the only thing I see on WP:NFC is concern about taking a vectorized logo from a third-party site because that might be subject to two copyrights (on the image itself and on the SVG "code"). It says nothing about editor-created vector images with any potential "code" copyright explicitly released as PD or licensed under a free license (which, technically, may be freer, like a freely-licensed photo of a copyrighted sculpture versus a non-free photo by the sculptor), and says nothing about any concern over recreations "introduc[ing] elements". Anomie⚔ 13:50, 17 November 2018 (UTC)[reply]

Didn't follow the whole thing, and I don't particularly care how it's resolved, but how about non-free SVGs are converted to low-res PNGs? Much like a lot of free PNGs are converted to SVGs? Headbomb {t · c · p · b} 14:36, 17 November 2018 (UTC)[reply]

FREER (which you mentioned) is meant to capture what I've described. The only thing it really doesn't say is about that this use of SVG should only be for logos, no other non-free SVG is allowed. --Masem (t) 15:56, 17 November 2018 (UTC)[reply]

Thank you all for the comments. I know I've been a bit slow to understand this. Actually, I still do not. Perhaps an individual case will help me. What about this image: File:UofTsystem seal.svg

Thanks, and thanks for your patience with me. I'm really struggling to understand. :) Anna Frodesiak (talk) 21:56, 17 November 2018 (UTC)[reply]

Anyone? If I uploaded a png of File:UofTsystem seal.svg that was 400x400, it would be fuzzy and unusable commercially, and it would be tagged for reduction to 200x200. So, is pretty darn sharp File:UofTsystem seal.svg, not only allowed, but someone spent time replacing the old fuzzy with that one. None of this makes sense to me. Anna Frodesiak (talk) 06:17, 18 November 2018 (UTC)[reply]

Oh, and what's the point of svg? To save server load? Well, we have tons of photos in articles. What's a 200x200 photo to a server? And this conversion takes time for users to do. Plus, they are commercially usable. We waited years for a freebie of Kim Jong Un because of non-free rules. Now we have zillions of high res svgs. And this has been going on for years without getting sorted out.

Anna Frodesiak (talk) 06:19, 18 November 2018 (UTC)[reply]

It has nothing to do with file space, but by non-free policy. SVGs are scalable vector graphics, meaning they could have infinite resolution. We can force a resolution by converting it to a PNG or other image format of a specific size, but we cannot convert a PNG back to a SVG as that conversion is lossy in that fashion, outside of actually recreating the SVG from drawing over the PNG, but that's a step we do not allow.. We do not want editors using non-free SVG in general due to the infinite scaling factor, but we have exceptional cases for logos of an entity provided by that entity. --Masem (t) 07:01, 18 November 2018 (UTC)[reply]

Hi Masem. I think I understand. So, the only svgs we have are ones provided by the organizations? Anna Frodesiak (talk) 20:59, 18 November 2018 (UTC)[reply]

According to Masem. As far as I know there has never actually been consensus on that. Anomie⚔ 21:54, 18 November 2018 (UTC)[reply]

"Resolution" of an SVG makes about as much sense as asking about the pixel size of an audio file or a text excerpt. Anomie⚔ 21:54, 18 November 2018 (UTC)[reply]

For audio files we also look at things like encoding quality (and why we use both an open source encoder and require that be set at very lossy settings for non-free files). The resolution of SVGs is infinite, which is a problem for when we seek low resolution non-free. --Masem (t) 05:43, 19 November 2018 (UTC)[reply]

You appear to have completely missed the point. Anomie⚔ 12:26, 20 November 2018 (UTC)[reply]

Where the graphic being represented can be defined entirely mathmatically, agreed the concept of resolution is irrelevant. In cases where the underlying graphic was, say, hand-drawn and then traced to create the SVG, there can be a resolution beyond which the SVG will no longer accurately represent the original. isaacl (talk) 23:06, 20 November 2018 (UTC)[reply]

As discussed in Template talk:Infobox website#AlexaRank, currently some Wikipedia use "decrease" to indicate improvement in rank. For instance, If a website was previously ranked #10 in certain ranking, and it now become the #1 site in the world, then editors would put a symbol next to the rank to indicate its ranking have been "decreased" from #10 to #1. However to me it seems like the interpretation doesn't make sense, as the ranking of the website was actually increased from the #10 to #1. Wouldn't it be better to use the symbol to show the website gained places in ranking? C933103 (talk) 07:26, 13 November 2018 (UTC)[reply]

Why not simply use “rise” and “fall”? Blueboar (talk) 12:27, 13 November 2018 (UTC)[reply]

The OP is saying that it's counter-intuitive to indicate an improvement with a "down" arrow. I would tend to agree. Not sure whether this qualifies as forum shopping, maybe a discussion notice here would have been better? ―Mandruss ☎ 13:12, 13 November 2018 (UTC)[reply]

Strongly concur with C933103 and Mandruss. Furthermore, this is against MOS:ICONS. We never use icons in ways that can be misleading to readers.  — SMcCandlish ☏ ¢ 😼  14:20, 14 November 2018 (UTC)[reply]

Yeah it would probably be better to link the discussion back from the original talk page so that the discussion would be linked to anyone who are interested. The lack of people to discuss the matter (as well as actually talking about what can be done) on the template talk page was the reason for me to start this section to talk about this issue here. C933103 (talk) 16:35, 20 November 2018 (UTC)[reply]

"High rank" means a small number, and "top rank" means the first in rank. --NaBUru38 (talk) 20:31, 16 November 2018 (UTC)[reply]

• I recall having a discussion about this before;
  Wikipedia:Help desk/Archives/2013 July 14#Infobox Symbols & Template talk:IncreaseNegative#Guidance.
  There has been confusion in the past about the direction and color of indicators, as well as increase/decrease in numeric value =/≠ decrease/increase in rankings.

Standard usage seems simple enough;

- eg: increase in net worth

- eg: decrease in net worth

- eg: decrease in traffic fatalities

- eg: increase in traffic fatalities

More than 5 years later and there still seems to be problems however. It seems that rankings, such as Alexa, were an issue then and still are now. In most rankings, a numerical decrease is considered an improvement, or an 'increase' in the rankings. Going from #10 to #4, for example is considered an improvement, so a green indicator, or arrow, is used. As some see it as numerical decrease, they will use . But since it's widely considered an climb or increase in ranking, will be used. This can lead to confusion. The same can be found with other types of rankings, say "List of unsafest cars". An change from #8 to #3, is considered a downgrade or decline. A red arrow is used, and while it is again a numerical decrease, leading some to use , it's considered a climb in the ranks, so will be be used by many others. Another example that may cause problems is golf scores. Whereas in most other sports, the higher the score, the better, the opposite is true in golf. Anyway, short amswer; I agree with the OP. (jmho) - wolf 13:51, 3 December 2018 (UTC)[reply]

At Joseph Gordon-Levitt part of the Hitrecord section is transcluded from another article. Something similar happens at Transgender#Scientific studies of transsexuality. I had never come across this before in article space. There is a help page Wikipedia:Transclusion, which mentions the Gordon-Levitt article as an example. There are also templates Template:Transcluded section (links 735 articles [4])and Template:Transcluding article (links 11 articles [5]) so it is used somewhat. Zinc is a featured article and uses it for the common cold section. It seems odd and while I would enjoy using it to keep consistency in articles from areas I edit I think it could have some drawbacks. It makes the assumption that the content should always exactly match the transcluded article and makes editing the target sections difficult. It also means that changes made to another article would affect an article you watchlist without notifying you. There may be others too. I am curious as to whether there are any guidelines or policies to using this technique or if it is just used so little that most editors are, like me until now, unaware that it was viable. AIRcorn (talk) 09:01, 13 November 2018 (UTC)[reply]

Transclusion is heavily used in entertainment-related articles. For an example see MOS:TVOVERVIEW in the guidelines for writing about television programs: If a separate List of episodes article exists, the series overview table should be presented at the top of that article below the lead, in a section labeled "Series overview", then transcluded to the episodes section at the main article. This sometimes leads to problems with references, if named references are used but the full reference is not in the transcluded section. StarryGrandma (talk) 20:48, 13 November 2018 (UTC)[reply]

In general I don't think it is a good idea due to the problems mentioned above, and the confusion it causes to editors. However I don't think we need a policy to support or preclude it. Using templates transcluded into the two articles seems better than transcluding one into the other. This will prevent edits on one article trashing the other. Graeme Bartlett (talk) 23:33, 13 November 2018 (UTC)[reply]

Thanks for the replies StarryGrandma and Graeme Bartlett. Sorry it took so long for me to get back to this. I am assuming this is a case-by-case situation at the moment. I may look at editing or discussing options at Wikipedia:Transclusion as I feel it needs something a bit more concrete about when and how to use it. The Gordon-Levitt example in particular looks like a very poor use and when combined with the strange passive ownership hidden text it is probably detrimental to improving the article. I also find the TV overview use a bit strange. I could understand transcluding for rapidly changing information that needs to be presented on multiple pages, but at best you are looking at one update a year for most TV shows. Anyway it is good to know there isn't much in the way of existing policy that needs to be negotiated first in this area.. AIRcorn (talk) 21:44, 21 November 2018 (UTC)[reply]

NOT ENACTED

There is clearly not any consensus in favor of the proposal. --Jayron32 04:31, 19 November 2018 (UTC)[reply]

The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

---

After what is turning out to be an unsuccessful proposal at Wikipedia talk:Criteria for speedy deletion#Proposal/RfC - Extend WP:U5 to the draftspace, I have come up with something new. I reckon that we should allow proposed deletions in the draftspace. This will ensure that things like WP:NOTESSAY, WP:NOTWEBHOST and WP:NOTHOWTO trash can be PRODed instead of having to go into WP:MfD. Also, WP:PROD has a seven-day wait most of the time before the page is deleted so it can mean that things can be deleted after seven days with proposed deletions in the draftspace without having to go to WP:MfD for basic things like WP:NOTESSAY, WP:NOTWEBHOST and WP:NOTHOWTO which have no chance and obviously will get deleted. Pkbwcgs (talk) 16:23, 16 November 2018 (UTC)[reply]

• Correct me if I'm wrong but didn't we have that discussion already fairly recently? Regards SoWhy 16:58, 16 November 2018 (UTC)[reply]
  • @SoWhy: I don't think we had that discussion recently. Pkbwcgs (talk) 17:18, 16 November 2018 (UTC)[reply]
  • I'm certain we have. I've been trying to find it since this was posted, though, and "draft" and "proposed" and "deletion" and even "prod" are all so commonly mentioned on VP in unrelated contexts that it's effectively impossible to search for. There's this, but I don't think it's what I'm remembering. —Cryptic 17:36, 16 November 2018 (UTC)[reply]
• Oppose - Nobody watches drafts aside from the page creator in the vast majority of cases, so if they're inactive in those 7 days, this is basically just an easy all-purpose deletion timer. There's already an issue with our existing policies and guidelines being pushed too far and blatantly misapplied. PROD has even less oversight than CSD or MfD, because in CSD an admin is responsible to make sure it qualifies; PROD is just a countdown. The fact remains that almost nobody will ever see a page in draftspace, so there's little urgency to delete edge cases (those which aren't obviously problematic enough to qualify for existing CSD). As I said in my opposition to the other proposal, the benefit to deleting drafts that aren't obvious candidates for CSD is minimal (which isn't to say non-existent), but far, far less benefit than deletion of a problematic mainspace page. On the other hand, the potential damage to new user experience is the same. — Rhododendrites ^talk \\ 17:03, 16 November 2018 (UTC)[reply]
  • @Rhododendrites: I am talking about drafts which are spam and other quick-fail criteria like WP:NOTESSAY, WP:VANDALISM, WP:NOTWEBHOST and WP:NOTHOWTO which have no chance ever. PROD does not apply to drafts that are not quick-fail. Pkbwcgs (talk) 17:18, 16 November 2018 (UTC)[reply]
• Oppose per Rhododendrites, especially on the point of user experience. Also would like to add that no draft that is not accepted at AfC has any chance ever, as they all get cleaned out after 6 months by G13 anyways. I don't understand the need to proliferate redundant deletion mechanisms. A2soup (talk) 18:29, 16 November 2018 (UTC)[reply]
• Oppose per Rhododendrites and A2soup. WP:NOTESSAY and WP:NOTHOWTO are subjective and not everything that could be deleted that way should be - they could be fixed, or moved to user, help or project space (depending on subject). The problems with using WP:NOTWEBHOST as a deletion criterion have been explained to you at length in the CSD proposal and you've seemingly either not listened or not understood. Vandalism can and should be speedily deleted under criterion G3 and spam can and should be deleted under criterion G11 - as repeatedly explained in your previous proposal. One of the major failings of that proposal was a lack of demonstrated need, and you've not even attempted to demonstrate the need for this one either. Thryduulf (talk) 18:32, 16 November 2018 (UTC)[reply]
  • We need this so that instead of taking drafts that can be obviously deleted to WP:MfD and flooding it, a PROD tag can be applied and it can be deleted after seven days. We are talking proposed deletion which isn't speedy deletion. The seven days also give time to the creator to address the problems of the draft and if the creator wants to improve it, the PROD tag can be removed. Pkbwcgs (talk) 18:58, 16 November 2018 (UTC)[reply]
    • Say, for example, that you have a draft that is clearly WP:NOTESSAY but not covered by existing CSD criteria. Either the creator is interested in keeping the draft or the creator is not interested in keeping the draft. If the creator is interested in keeping the draft, they will remove your PROD tag and MfD will be necessary if you wish to seek deletion (personally I think we should let such drafts stick around, but that's a different question). If the creator is not interested in keeping the draft, it will be deleted per G13 in 6 months anyways. The only function of your proposal is to accelerate the G13 timeline. This is 100% redundant and therefore WP:CREEP, and also the RfC that created G13 clearly showed no consensus for a shorter timeline. A2soup (talk) 19:10, 16 November 2018 (UTC)[reply]
      • G13 is for any draft that has not been edited for six months or more. This is not how PROD will work so it is not redundant and PROD can be declined by any admin if there is no valid reason for deletion. Just because a draft is declined, it doesn't mean that a PROD tag should be added. This is not how this proposal works. For example, if you see a homework assignment in the draftspace, then a PROD tag can be added instead of taking it to MfD and it should be deleted that way. Pkbwcgs (talk) 19:18, 16 November 2018 (UTC)[reply]
• Oppose per my more eloquent colleagues. ~ Amory (u • t • c) 19:01, 16 November 2018 (UTC)[reply]
• Oppose. This would serve no purpose whatsoever. A draft that is not defamatory, a copyvio, or otherwise a speedy case, can sit in draftspace forever, provided it is worked on from time to time. The reason for this is that it is possible that it might eventually be improved enough to merit being an article. The rule allowing for deletion of abandoned drafts already works with respect for those that are not improved. bd2412 T 19:32, 16 November 2018 (UTC)[reply]
  • @BD2412: So, even a WP:NOTESSAY or WP:NOTHOWTO or WP:NOTWEBHOST violations "might eventually be improved enough to merit being an article"? Pkbwcgs (talk) 19:44, 16 November 2018 (UTC)[reply]
    • Looks like the fourth or fifth failed proposal. Hopeless at creating proposals. Pkbwcgs (talk) 19:47, 16 November 2018 (UTC)[reply]
      • If the subject matter is not a speedy case, than any of those situations might resolve into encyclopedic coverage of a subject. bd2412 T 19:57, 16 November 2018 (UTC)[reply]
      • Keep in mind "creating proposals" is not an end in itself. Your value to the encyclopedia comes from your work to improve it, not your work to modify its policies. I think you will find working to improve the encyclopedia a more fulfilling and rewarding pursuit. A2soup (talk) 20:03, 16 November 2018 (UTC)[reply]
• Comment I've in the past supported DraftPROD, but someone else made the point that a DraftPROD would get even less oversight, i.e. traffic, than mainspace PRODs. The underlying problem here is the sheer amount of garbage in draftspace, the overfilling of MfD with junk drafts, and the problems existing with the G13 criterion. For that reason I would be against a DraftPROD, per se, but would support Draft-specific CSD. PrussianOwl (talk) 21:26, 16 November 2018 (UTC)[reply]
  • @PrussianOwl: I'm not convinced that MfD is being overfilled - almost all of what was there from draftspace was either not uncontroversially supported for deletion or being deleted for subjective reasons, both of which are incompatible with any form of CSD. Indeed in all the recent discussions nobody has even attempted an objective definition of "junk" or explained why waiting for G13 is actually problematic. Thryduulf (talk) 22:00, 16 November 2018 (UTC)[reply]
    • "Junk" is basically the useless stuff that lies in the draftspace like WP:NOTESSAY and WP:NOTWEBHOST stuff that is a waste of time for AfC reviewers to have to go through and has no chance of improvement. This also applies to homework assignments which I have seen quite a few of in the last couple of days. It's the stuff which floods pending AfC drafts everyday which is literally a waste of time to go through and the worst thing is that it is even more of a waste of time for those useless drafts (or "junk") to be re-submitted again and again. I will still keep the RfC open for the new draft-specific CSD but this is another idea if the other doesn't succeed. However, by the looks of it, both won't succeed. A AfC reviewer can spend time better look into a draft which looks promising and the creator is willing to spend rather than "junk". Pkbwcgs (talk) 22:31, 16 November 2018 (UTC)[reply]
      • That's a definition of junk but it doesn't even approach being an objective one. NOTESSAY and NOTWEBHOST are subjective guidelines, "useless stuff", "waste of time", "no chance of improvement" are all inherently subjective on their own let alone when sat on top of oneanother. Homework assignments come in many, many different forms some blindingly obviously not encyclopaedia material but some that could easily become so, meaning it's not a useful criterion for this. Thryduulf (talk) 01:12, 17 November 2018 (UTC)[reply]
• Support as a step in the right direction. What we need is for deletion in draftspace to operate using meaningful criteria rather than the delete-everything-after-six-months logic. – Uanfala (talk) 01:21, 17 November 2018 (UTC)[reply]
• Oppose another deletionist proposal. It's the thin end of the wedge for those who want to delete the entire wiki! OK, that was silly, but generally speaking there is no benefit to moving further in the deletionist direction. Jack N. Stock (talk) 01:31, 17 November 2018 (UTC)[reply]
• Oppose Draft space is a safe place to incubate drafts - I don't have any problems in theory with expanding the type of things which can be speedy deleted in draft space, but PROD for any draft article would invite disaster IMO. SportingFlyer talk 01:48, 17 November 2018 (UTC)[reply]
  • @SportingFlyer: Wikipedia talk:Criteria for speedy deletion#Proposal/RfC - Extend WP:U5 to the draftspace is still an option. This proposal is to expand PROD onto the draftspace; the other one is to expand quick-fail criteria which has no chance of going to the mainspace to be speedy deleted (WP:NOTWEBHOST sort of stuff). Pkbwcgs (talk) 08:45, 17 November 2018 (UTC)[reply]
• Oppose - the draft is supposed to be a building space - so of course articles frequently won't be appropriate. Additionally, since it's not an article usually the only watchlisted editor is the creator. What if they don't log-in for a week? Not to mention how overwhelmed a DraftPROD would be - the drafts would never get a fair glance at. Nosebagbear (talk) 10:46, 17 November 2018 (UTC)[reply]
• Oppose yet more beauracracy, no need for quick removals from draftspace where they are supposed to be given more time for development and the poor content is out of view of most of the public Atlantic306 (talk) 17:36, 17 November 2018 (UTC)[reply]
• Oppose for basically the same reasons I opposed the U5 extension. If G10, G11, or G12 doesn't apply, then there's absolutely no reason not to leave stuff in draftspace until the G13 clock eventually rolls around. Nathan2055^{talk - contribs} 20:27, 17 November 2018 (UTC)[reply]
• Oppose G13s and Speedy deletes at MFD seem to work just as well. JC7V (talk) 20:30, 17 November 2018 (UTC)[reply]
• Oppose Drafts do not get the same watchers as articles, so it would mostly be a death sentence for negligent writers. MFD at least gets a central discussion. Graeme Bartlett (talk) 09:38, 18 November 2018 (UTC)[reply]
• Comment MfD is not overrun NOT for lack of junk to MfD but for lack of dedicated volunteers willing to clean up the vast piles of junk. See Wikipedia:WikiProject_Abandoned_Drafts/Stale_drafts for a huge list of spam, webhost, attack pages etc, and even a few good topics. Legacypac (talk) 20:55, 18 November 2018 (UTC)[reply]
  • None of which is evidence that PROD for draft space or expanding speedy deletion to a subjective subset are anything like good ideas. Thryduulf (talk) 22:35, 18 November 2018 (UTC)[reply]
  • @Legacypac: I think a better proposal to help deal with that particular backlog would be to expand G13 (delete after six months with no edits) to pages with {{Userspace draft}}, which is a much more reasonable proposal than expanding PROD. The technical deletion of userspace pages for inactivity is a bit more controversial than deleting draftspace pages, but since there's a dedicated group going through stale userspace drafts looking for anything worth salvaging, it might be a bit more palatable. Perhaps offer a {{do not delete}} tag that could be placed by any editor interested in retaining it for whatever reason? Nathan2055^{talk - contribs} 23:35, 18 November 2018 (UTC)[reply]
• Oppose as per everyone above - The current process(es) works fine IMHO. –Davey2010^Talk 23:22, 18 November 2018 (UTC)[reply]
• Oppose there is no need for this and it will cause many, many, many, many more problems than it will solve. Jacona (talk) 02:37, 19 November 2018 (UTC)[reply]

• Oppose per the above. If a draft is WP:NOTESSAY, WP:NOTHOWTO, etc. and is submitted for review, we decline it, not delete it. I think that's kind of the point of draftspace. ^Semi_Hypercube ✎ 02:48, 19 November 2018 (UTC)[reply]

The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

Should Wikipedia:Citing sources have an explanatory guideline with a set of accepted citation/footnote styles, with the lists of allowed formats and structures to be decided by future RfCs? Jc86035 (talk) 18:12, 17 November 2018 (UTC)[reply]

Survey (RfC: Citation styles)

• Tentative support. Allowing virtually any citation/footnote style to be used can be unnecessarily confusing for contributors, especially new users: while various citation formats are widely used in the English-language publications of many disciplines, and there is obviously good reason for different formats to be used in Wikipedia articles, obscure styles and little-used templates like {{ran}} can make it more difficult for contributors to add to the articles in which they are used. The lack of guidance has also resulted in a lack of consistency in reference group names, mostly for footnotes and primary sources ("note 1", "notes 1", "n 1", "‡ 1", "a", "A", ...). Jc86035 (talk) 18:12, 17 November 2018 (UTC)[reply]
• Support as long as there is a documented mechanism to review adding additional styles as needed to the list. Ideally, certain more obscure formats should indicate which topic areas they should or should not be used on. --Masem (t) 18:26, 17 November 2018 (UTC)[reply]
• Support, per Masem. If any style that is currently used in a topic area is being discussed for inclusion on the list then editors working in that topic area should be explicitly invited to take part in the discussion. Thryduulf (talk) 18:45, 17 November 2018 (UTC)[reply]
• Support – there needs to be a centralized plan to learn how the different styles work, and to suggest not using odd variants. Dicklyon (talk) 18:49, 17 November 2018 (UTC)[reply]

Who determines whether a variant is “odd”? Blueboar (talk) 19:07, 17 November 2018 (UTC)[reply]

@Blueboar: per the opening post in the RfC, which styles are allowed, which are not allowed and which are allowed only in certain areas will be determined by consensus of future discussions. This RfC is only about establishing the framework so as to avoid objections to specific styles being on one or another list don't derail the whole lists (if there is a consensus for the lists) and/or to avoid wasting time discussing which should be where (if there is consensus against the lists). Thryduulf (talk) 20:52, 17 November 2018 (UTC)[reply]

• This is a huge can of worms - while there is probably some benefit in reigning in some of the more "unusual" citing standards, this has the potential to result in a lot of bad blood and pain if not handled perfectly. We have WP:CITEVAR for a reason .Nigel Ish (talk) 21:00, 17 November 2018 (UTC)[reply]
• Support The standards should be stated and a move made towards the preferred style, and all those variants can be gradually converted to something that looks and works in a consistent way. Failure to use the styles is not necessarily and problem for the editor or article, but instead an opportunity to get it done in a better way. Certainly for FA standard there should be a preferred citation style to use. Graeme Bartlett (talk) 09:36, 18 November 2018 (UTC)[reply]
• Questions:

1. is this meant to require citations being added in specific formats? We've always accepted plain text or bare URLs as references, as long as enough information is provided to identify the source;
2. is this meant to be a sitewide requirement policy, or just a best practice/manual of style? I.e. are we going to start trying to sanction editors who use a different citation format? Ivanvector (^Talk/_Edits) 19:04, 17 November 2018 (UTC)[reply]

My impression is that we "accept" almost anything, but that we also advise converting to a recommended and consistent style. We even have bots trying to to that for bare URLs for example. Style guidance points the way to go, but doesn't hit anyone over the head for not going that way. Dicklyon (talk) 19:10, 17 November 2018 (UTC)[reply]

My reading of how this is proposed is when we are talking an article at GA or FA. An article is progress is going to likely have a lot of variation in style, include bare URLS, which is fine - our citation approaches are highly complex and not easy to parse. But once you start talking quality, then a consistent style, and ideally one supported by consensus should be used. Certainly early on in an article's development, editors should be aware of what citation style to go for to minimize the pain of updating all the styles at the point of GA/FA. --Masem (t) 21:05, 17 November 2018 (UTC)[reply]

• @Ivanvector, Masem, and Dicklyon: No, this probably shouldn't be a requirement – the actual policy change might be something like "please use these styles and formats; if an article doesn't use a listed style or a listed format then the article may be changed so that it does". I've changed the RfC question (it originally said "include a list of", which would have been inappropriate for a policy). Jc86035's alternate account (talk) 11:25, 18 November 2018 (UTC)[reply]

Much better. As per Dicklyon we need to accept poor references, particularly from newbie editors, and then seek to improve them. It doesn't take much effort to bring up a bare URL and generate a {{cite web}} or {{citation}} and the associated <ref>/</ref> or {{sfn}} reference. Martin of Sheffield (talk) 11:39, 18 November 2018 (UTC)[reply]

I guess I don't know what's proposed to change. It's already recommended (and best practice for featured content) to be consistent within an article. Is the proposal just for making a list of suggested citation styles? Ivanvector (^Talk/_Edits) 18:24, 18 November 2018 (UTC)[reply]

• Strong Oppose. WP:CREEP. Violates the spirit and principle of WP:CITEVAR. I use non-code Chicago Manual of Style footnotes. Honestly, we are lucky if bare URLs get filled out at all, and editors who use ReFill don't even give the date or publication of the citation. There are variety of stylebooks for citations, and even the more revered ones vary between themselves. There's no reason to force people to choose from a list of "allowed" styles. This is just going to lead to more trouble and edit-warring. We can certainly give examples/samples, but to enforce a list of "allowed" choices is just asking for trouble, and edit-wars galore. Softlavender (talk) 11:52, 18 November 2018 (UTC)[reply]
• Even stronger oppose. We have over 2000 different citation templates, all of which are currently "approved", plus all the non-template hand-formatted citations. I would support it if we picked a single wiki-wide citation format and deprecated all others, as the short-term disruption of mass conversion would be justified by the long-term stability of an end to arguments over WP:CITEVAR and confusion about which style to use on any given article, but I can't see anything good coming of a proposal to allow whichever small handful of editors bothers to turn up to an RFC to unilaterally decide that some of those 2000 templates are "approved" and some aren't. (Aside from anything else, if there will still be more than one "approved" citation style, how do we decide to which of those we're going to convert all the articles using now-banned styles?) By causing the huge disruption of a mass-conversion, without the benefit of a unified citation style at the end of it, this is just going to cause a huge amount of bad feeling for no apparent benefit. And when I say "huge disruption", I mean it; the most commonly-used citation template, {{cite book}}, is used on approximately 1,000,000 articles, meaning that even if we settled on this as the standard going forward it would still mean 80% of articles would be non-compliant and need to have their references reformatted. ‑ Iridescent 12:10, 18 November 2018 (UTC)[reply]

  Most commonly used is actually {{Cite web}}, on 3 million pages. I think you're exaggerating the number of articles that don't use citation style 1 references - a lot of pages that don't use it have bare url references or simply don't have any. TBH I think we should settle things down to using CS1 for formatting references - it is the de facto standard and what visual editor and reftoolbar use - and a choice of citing references using <ref>...</ref> or using {{sfn}}; but the acrimony generated through doing that is probably more work than worth it. Galobtter (pingó mió) 13:43, 18 November 2018 (UTC)[reply]

  Also, Iridescent, vast majority of the "2000 citation templates" are just {{Cs1 wrapper}}s (or external links templates like {{Britannica}} and other things that are not really citation templates) - not a different style. Galobtter (pingó mió) 13:55, 18 November 2018 (UTC)[reply]

  I'd think it obvious that we're talking acceptable citation template families. There's probably a dozen plus variations of "cite web", but that's all one family. Same with CS1 references. --Masem (t) 05:46, 19 November 2018 (UTC)[reply]

• Oppose per Softlavender. We are still not at a position where references are provided when they need to be. Laying down standards of reference formatting will exacerbate the situation as new editors will give up rather than jump through what they see as unnecessary hoops. Nthep (talk) 13:30, 18 November 2018 (UTC)[reply]

  99% of new editors if they are formatting references, use Citation Style 1 (which of course will be an allowed style); nobody is suggesting that new editor's edits should be rejected or that the first thing that new editors should be explained to is what citation style to use. Like with the MOS, it would be mainly experienced editors who fix edits to make them conform with the style. New editors are anyways explained how to/told to use {{cite web}} etc. Galobtter (pingó mió) 13:49, 18 November 2018 (UTC)[reply]

  New editors would continue to drop in bare URLs as they do now, most of them being unaware of or apathetic about any relevant guidelines. What we're debating is what happens if and when those are cleaned up. The effect on new users is thus zero. ―Mandruss ☎ 18:23, 18 November 2018 (UTC)[reply]

• Oppose per Iri and SL. Ealdgyth - Talk 13:36, 18 November 2018 (UTC)[reply]
• Support Getting rid of obscure styles to make it easier for new editors editing those pages and for consistency across Wikipedia. This really wouldn't affect the vast majority of edits, editors, or pages, but only the few thousand pages that use things like {{ran}} or in text parenthetical citing (which are IMO very reader unfriendly); at-least initially, we can allow a broad range of styles with the exception of some obscure ones. The amount of articles that use things other than Help:CS1 and Help:CS2 and such is quite small. Galobtter (pingó mió) 14:25, 18 November 2018 (UTC)[reply]
• Oppose - The purpose of a citation is to point the reader to a source which verifies our content. As long as a citation does this, it is acceptable. The style is irrelevant. Blueboar (talk) 15:24, 18 November 2018 (UTC)[reply]
• Support wp:citing sources is a guideline not a policy so it doesn't force anything at all, those arguments don't make sense. Guidelines are routinely ignored if editors wish. The purpose of a guideline is to show best practice. A list of best practice citation styles is not only a good idea, why isn't it there already. -- GreenC 15:37, 18 November 2018 (UTC)[reply]
• Strong oppose. A wide variety of citation styles is in use in the academic and publishing worlds, and we accommodate that here relatively peacefully. We have help pages on referencing for newcomers and these can be improved. But forcing an "approved list" of citation styles on Wikipedia seems like a recipe for creating conflict where there is little at the moment. I feel the proposed RfCs on which styles to "allow", with the goal of eliminating some editor's favorite ways of citing sources, would create an Infobox-like situation. StarryGrandma (talk) 16:36, 18 November 2018 (UTC)[reply]

  Comment. Adding or linking Wikipedia:Citing sources to a guideline clearly explaining the easiest ways add references with the current state of our tools would be a good idea. (Visual Editor has improved considerably for example; one can now see the references in the reference list after entering them.) A single RfC could be held to decide which methods to recommend there. StarryGrandma (talk) 17:04, 18 November 2018 (UTC)[reply]

• Oppose: The purpose of citations is to make it possible to verify content. Consistency within an article is much more important to that end, and also good for other reasons. Yes, we can speculate styles that are strictly speaking consistent but totally absurd (say, Bluebook in a non-legal article, in CamelCase, encoded with ROT13, and all the punctuation swapped for emojis) but I'd assume that good-faith editors don't do such a thing. As for obscure citation styles hindering the addition of content out of fear of messing up with the existing WP:CITEVAR (yes, merely a guideline as pointed above, but one with a super strong consensus and observance)? I'm not sure if I buy that argument. Editors are supposed to WP:BEBOLD and add content and let others iron out the wrinkles that they don't know how to fix. I see (and fix) articles with slightly inconsistent CITEVAR all the time precisely because editors have added content even if they didn't know all the intricacies of that article's citation style. On the contrary, I've never seen anyone actually complaining about not contributing content because they didn't know how a citation style works. – Finnusertop (talk ⋅ contribs) 17:53, 18 November 2018 (UTC)[reply]
• I think this RFC might be the wrong question--I don't need to make an RFC to get permission to ask certain questions, I should just ask those questions. I would rather see us start to chip at the problem instead of a massive RFC to ask about giving carte blanche to deprecate or retain certain citation styles (and I'll throw "formats" in too). Why don't we figure out whether we should use vertical citations first? (And if we do, where we should, or could.) That seems like an easier question to answer. --Izno (talk) 18:58, 18 November 2018 (UTC)[reply]

  Sigh... We have had that discussion (over horizontal vs vertical) multiple times in the last few years... the result was consistently that both are acceptable. Blueboar (talk) 19:14, 18 November 2018 (UTC)[reply]

  Not really, and certainly not at that page. A handful of "format versus kind of citation" type discussions, but never anything which would give concrete guidance to "use vertical citations for everything" or "use only in WP:LDR" or "do not use within prose". I'm not looking for "can we use it?" only, I'm looking for "when?", and that's never been answered, though I think there's a common sense answer at this time that everyone probably would settle on and agree to add to the guideline if they would only discuss the point. --Izno (talk) 19:31, 18 November 2018 (UTC)[reply]

  Either way, that's just one example. There are other questions we could sensibly ask of the same sort that still bypass this overarching RFC that just don't need permission to be asked. --Izno (talk) 19:38, 18 November 2018 (UTC)[reply]

• Support - It's quite possible for the community to establish a minimum set of citation styles that will suffice for most known cases. More freedom than that doesn't decrease edit-warring, it increases it. Most editors will respect a content guideline even if they disagree with it, for the sake of site-wide consistency. The project has established an arbitrary "Wikipedia way" for everything from article titles to order of article elements, I see relatively little edit-warring in those areas (except in edge cases not clearly addressed by the PAG), and there is little question that the encyclopedia has benefited from that consistency. Editors accustomed to using title case in titles and headings adapt to sentence case when editing Wikipedia, and so on, and this is not an excessive burden for members of the most adaptable species on the planet. This situation is no different.
  There are PAGs that are obsolescent, and many that are unnecessarily complex. If the community would put some ongoing effort into reduction and simplification of existing PAGs, WP:CREEP would be far less of an issue; we would simply trade bad PAGs for better PAGs. I support that. ―Mandruss ☎ 19:16, 18 November 2018 (UTC)[reply]
• Oppose, per Nigel Ish. As he said, we have CITEVAR for a reason. SarahSV ^(talk) 22:05, 18 November 2018 (UTC)[reply]
• Oppose per everyone above - If the source is adequate and does the job in verifying whatever that claim is then that's perfect in my books - The style is all but irrelevant. –Davey2010^Talk 23:18, 18 November 2018 (UTC)[reply]
• Oppose per Softlavender and Iridescent. Beyond the obvious WP:CITEVAR issue, implementing this would be a nightmare. There are literally thousands of different citation styles in common use around enwiki, just a list of them all would be a massive undertaking, let alone a brief guide for every single one. And, frankly, I'm just glad when an article has citations, even if they're just bare URLs. Nathan2055^{talk - contribs} 08:14, 19 November 2018 (UTC)[reply]
• @Izno: If anyone wants to close this RfC early for asking the wrong question I'm fine with that, although I'm not sure what should happen afterwards. Jc86035's alternate account (talk) 08:38, 19 November 2018 (UTC)[reply]
• Oppose for now per WP:CREEP. I haven't seen a situation where this policy would be needed. --Jayron32 12:05, 19 November 2018 (UTC)[reply]
• Question The proposal does not appear to me to be a change to policy, but a mere suggestion that preferred methods by presented. The !votes seem to be addressing something much stronger. Would this explanatory guideline require of particular formats? Would it prohibit the use of some formats? Jacona (talk) 15:35, 19 November 2018 (UTC)[reply]
  • The proposal appears to suggest a "suggestion" now, with more detailed and prescriptive controls coming later as a result of follow-up RFCs. Of course one danger is that editors will take any suggestions, however mild, as policy and use it to force changes through.Nigel Ish (talk) 15:48, 19 November 2018 (UTC)[reply]
    • Indeed. That which is not forbidden is mandatory. Every "optional" rule is always a mandatory rule once it is in a fixed form. --Jayron32 17:12, 20 November 2018 (UTC)[reply]
• Oppose - Solution looking for a problem. Beyond My Ken (talk) 19:54, 22 November 2018 (UTC)[reply]
• Strong Oppose This will make editing Wikipedia much harder. —Eli355 (talk • contribs) 22:15, 22 November 2018 (UTC)[reply]
• Oppose per WP:CREEP, and the eloquent arguments above.--Esprit15d • talk • contribs 23:57, 26 November 2018 (UTC)[reply]
• Oppose per Iridescent; unless we're establishing one house reference style based on CS1 (possibly with the option for WP:HARVARD referencing) this is a lot of work and extra policy for no benefit. The exact details of MLA v. ASA formatted refs don't need to be established anywhere on-wiki; if somebody really cares they can check the official book. This also seems like a bad way to try to deprecate some of the 2000 ref templates; if that's your goal I'd advise a separate thread at WP:VPI. power~enwiki (π, ν) 05:22, 28 November 2018 (UTC)[reply]
• Absolutely yes, but in specific terms: Namely, either WP:CS1 or WP:CS2, or any citation style codified in a reliable source on citation styles. But no more people making up their own weird nonsense, the personal pseudo-style. (Or, they're fine to make one up, but others are fine to change it to something legit).  — SMcCandlish ☏ ¢ 😼  12:39, 1 December 2018 (UTC)[reply]

Administrators often impose or suggest editing restrictions on blocked editors, either of their own accord or accepting suggestions from the editors themselves, as "conditions" to accepting an unblock request. We sometimes log these (see Wikipedia:Editing restrictions) as "voluntary" bans or as "unblock conditions" (or sometimes not at all). I think these sorts of unblock conditions are a good use of admin discretion, but I've realized recently that there does not actually seem to be any support for these sorts of ban in the banning policy. According to the policy (see #Authority to ban), bans may be imposed either by community consensus, or by admins acting under authority of the arbitration committee in designated topics (discretionary sanctions). They can also be imposed by Jimbo or the WMF but let's not get into that.

I propose that a bullet be added to this section, specifying that an administrator acting under their own authority may impose a relevant editing restriction (a ban) as a condition to a user being unblocked, if the administrator believes that such a sanction will prevent disruption related to that user's block. This would bring the banning policy in line with the blocking policy (see #Conditional unblock). Ivanvector (^Talk/_Edits) 19:00, 17 November 2018 (UTC)[reply]

Support if and only if the same with the agreement of the blocked user wording from WP:CONDUNBLOCK is included. Otherwise, you're giving individual admins the power to unilaterally decree what other editors may and may not do, which is a Really Bad Idea; except in the cases of the most blatant vandalism, it's rare to find any situation in which every admin will agree on what does and doesn't constitute disruption, so what you'd effectively be doing is giving a massive first-mover-advantage incentive for every self-appointed social engineer to impose their personal standards of what constitutes 'disruption' every time a ban appeal comes up. ‑ Iridescent 19:27, 17 November 2018 (UTC)[reply]

Just copy the appropriate text from CONDUNBLOCK, which is where this authority comes from. No need to reinvent the wheel. Also, agree with Iri on not giving individual admins the authority to ban without consent or ArbCom authorization. TonyBallioni (talk) 19:41, 17 November 2018 (UTC)[reply]

• (edit conflict)Support with Iridescent's qualifier. It's de facto (and not a bad idea) so might as well make it de jure (with Iridescent's restriction to prevent it from becoming a bad idea). This would be useful in separating users who are WP:NOTHERE vs those who just cannot safely handle a particular topic at the moment. Even if this practice did not already exist:
  - If they don't agree to the topic ban then they must not be interested in contributing to the encyclopedia in general but specifically engaging in whatever behavior got them blocked.
  - If they agree to the topic ban and break it, then we have enough WP:ROPE to block them and let God handle their appeals.
  - If they agree to the topic ban and then give up on all activity (as sometimes happens after TBANs), then there's no difference between that and leaving them blocked -- except that we're not "punishing" them.
  - If they agree to the ban and abide by it, they have a chance of becoming productive editors, which should be the primary goal for any interaction with other editors.
  In any case, it is a net gain for the site. Ian.thomson (talk) 19:46, 17 November 2018 (UTC)[reply]

• @Ian.thomson, I don't agree with If they don't agree to the topic ban then they must not be interested in contributing to the encyclopedia in general but specifically engaging in whatever behavior got them blocked in the slightest. If they don't agree to the topic ban, they may just feel that its scope is too broad or inappropriate, and may well feel that for good reason; I've seen some truly goofy topic ban proposals in my time, and having a single admin make the call rather than an AN/ANI discussion means the checks and balances of the rest of the community explaining why the proposed topic ban is unworkable won't be there. ‑ Iridescent 19:59, 17 November 2018 (UTC)[reply]

@Iridescent: Ok, what about the specification "if they don't agree to a perfectly reasonable topic-ban"...? Like, yeah, if someone is being disruptive at just (clicks random article) Paromitar Ek Din, a proposal to ban them from all articles relating to either India or movies would be extreme, but (depending on the kind of disruption) "movies by Aparna Sen" or "movies starring Rituparna Sengupta" or even just a topic ban relating to that one movie would probably be a good indication whether or not the user is too hyper-focused on that topic to want to be useful elsewhere. Ian.thomson (talk) 20:07, 17 November 2018 (UTC)[reply]

Sure, but it's fair to see their side as well, and if they have a reasonable objection to the topic ban we should treat it as such, even if we don't necessarily accept their proposed wording. To take a fictional but eminently plausible hypothetical, imagine editor Foo has spent most of their editing career writing about old cowboy movies, but then got sucked into Trumpian edit-wars and eventually got banned under WP:ARBAPDS. They appeal their ban, and the admin Bar agrees to unblock subject to a topic ban using the standard wording of all pages related to post-1932 politics of the United States and closely related people, broadly construed. Editor Foo complains that they can't accept this, since this definition will include Ronald Reagan and Clint Eastwood, making it impossible to return to their favorite topic of cowboy movies even though their edits there were universally accepted as uncontroversial. In this case admin Bar's initial complaint is completely reasonable since it's using standard Arbcom-mandated wording, but there wouldn't be anything vexatious about editor Foo refusing to accept it. (This kind of thing used to come up all the damn time back when The Troubles was still a hot topic—since virtually every person of consequence in Northern Ireland was linked to the conflict in some way or another, topic bans had the de facto effect of banning editors from anything historical or biographical.) ‑ Iridescent 20:22, 17 November 2018 (UTC)[reply]

I can't recall a wording for it (other than WP:COMMONSENSE) but I've been given mixed messages as to whether pages that cover multiple topics are treated as divided territory or the worst possible topic. There's some city that's a sister city to Jerusalem. When an edit war broke out in that article over whether Jerusalem is in Israel or Palestine, I got fussed at for citing the Arbcom DS for the Palestinian/Israeli conflict, even though everyone (except a few WP:SPAs) agreed that locking the page was necessary to stop the edit war (though I still don't understand why I was the first to lock the Two-state solution article!). Still, I've also seen plenty of cases where someone got in trouble for editing part unrelated to a DS of an article that was partly covered by a DS. If the topic ban is being implemented through this and not through discretionary sanctions and the editor has a proven history of improving cowboy movie articles (or whatever), the hypothetical admin should be willing to say "ok, you can still edit the parts of the Eastwood and Reagan articles from before they entered politics, except when they made political statements during their acting careers." (Looking a non-cowboy Arnold Schwarzenegger, acting careers after entering politics might too much of a gray area, though, IMO). Ian.thomson (talk) 20:46, 17 November 2018 (UTC)[reply]

• Support with Iridescent's qualifier per everything Iridescent has said in this discussion. Thryduulf (talk) 20:48, 17 November 2018 (UTC)[reply]
• Oppose Too big a grant of authority to individual admins. Topic bans should require a community process. --Trovatore (talk) 20:56, 17 November 2018 (UTC)[reply]
  • This is already policy. All Ivanvector is suggesting is what amounts to a cross-reference in the banning policy. Opposing this wouldn't stop conditional unblocks. TonyBallioni (talk) 21:46, 17 November 2018 (UTC)[reply]
• What Iri and Tony said. ~ Amory (u • t • c) 21:44, 17 November 2018 (UTC)[reply]
• This is already policy, no harm cross referencing it at the banning policy as well. If the blocked editor is unwilling to accept the proposed unblock conditions, they have the option of waiting out their block (if not indefinite) or not agreeing, which will result in their appeal being declined, at which time they can request further review (whether indef or time-limited). Seraphimblade ^{Talk to me} 21:50, 17 November 2018 (UTC)[reply]
  • Indeed, unblock conditions can result from a negotiation of the details - e.g. tweaks to boundaries, clarifications, etc. (e.g. I recall one user suggesting a slightly different wording to avoid potential confusion between the plain English meaning of a word and the more specific meaning of that word as a term of art in the topic area concerned) and this is a Good Thing as restrictions both 'sides' are happy with are far more likely to be adhered to. Thryduulf (talk) 23:07, 18 November 2018 (UTC)[reply]
• Support Iridescent's version, to ensure this does not get out of hand. — AfroThundr ^{(u · t · c)} 05:45, 19 November 2018 (UTC)[reply]
• Good points everyone! I think we're all pretty much in agreement with Iridescent. One last sticking point is that bans are meant to be community sanctions, but in this situation we have a ban imposed by an agreement of two editors (the blocked user and the unblocking admin). In my view such a ban should still require a discussion at a community noticeboard to lift the ban, the same as with other bans enacted by the community. That's basically current practice anyway, I'm just thinking about how to update the banning policy to match. Is there any opposition to that? Ivanvector (^Talk/_Edits) 13:23, 19 November 2018 (UTC)[reply]
  • @Ivanvector: I assume you mean adding a sentence along the lines of appeals should be made at AN? If so, what about time-limited bans? Thryduulf (talk) 13:43, 19 November 2018 (UTC)[reply]

• I'm thinking of adding a line item under "authority to ban" describing this situation, and in that case the appeal method is already in the policy. I guess the line item would need to specify that this sort of ban is to be considered a ban imposed by the community. Reviewing just now, maybe it's better for this to be a separate subsection (e.g. "unblock conditions") like how we have a "bans for repeated block evasion" section. As for time-limited bans, I don't think a distinction needs to be made. I personally don't do time-limited bans, the way I see it if there's consensus for someone to be banned then they need to actively convince the community to unban them in the future, but I do know that time-definite bans are a thing we do. Ivanvector (^Talk/_Edits) 13:52, 19 November 2018 (UTC)[reply]

• Support Iridescent's but not community ban lifting - I disagree in thinking that a community agreement should be required to remove the conditional partial bans. If nothing else, it makes no logical sense because of the existence of time-limited bans (as they'd be removed without any involvement of the community along the way so there's no fundamental community link to the bans). I would say the individual is entitled to appeal to either the admin or the community to remove an indef T-ban (et al) but that's their choice. I suppose any admin doing this could say "indef requiring community removal" but that would seem a bit iffy. Nosebagbear (talk) 19:22, 20 November 2018 (UTC)[reply]
• Support with Iridescent's qualifier. We should never tolerate a WP:POLICYFORK once one has been identified.  — SMcCandlish ☏ ¢ 😼  12:41, 1 December 2018 (UTC)[reply]
• Support. Ivanvector's proposal seems to be a no brainer. I'll trust the community on the wording. - FlightTime (open channel) 13:10, 1 December 2018 (UTC)[reply]

FYI

 – Pointer to relevant discussion elsewhere.

Please see: Wikipedia talk:Manual of Style/Lists#Overly long list items

Gist: Add brief advice about what to do about excessively large items in lists, to either WP:Manual of Style/Lists or WP:Summary style.  — SMcCandlish ☏ ¢ 😼  23:25, 20 November 2018 (UTC)[reply]

Yeah, I know, WP:PERENNIAL. But after yet another compromised inactive admin account ran amok over the project today, I feel like this should be revisited. The account in question did not have a logged action in over 2 years, and had made only 5 edits in 2017 and one in 2018. The policy as currently worded reads:

I propose modifying this to:

The change removes the notification requirement, and the "edits" criterion. The effect is that admin accounts which don't use admin tools for 12 months will simply have the bit silently removed as a matter of security. We won't tell them we're about to do it, and then they won't log in and make one nonsense edit to hang on to the bit. Removal will just happen when they've been away long enough, and if they come back some time later and want to go back to adminning they just ask at BN and go through the 24-hour hold like anyone else whose bit has been voluntarily removed. In fact admins should be actively discouraged from "holding on to the bit" in this manner, but let's at least do this. Ivanvector (^Talk/_Edits) 17:51, 22 November 2018 (UTC)[reply]

Survey/discussion

• Support Given the length of time the inactivity policy has been around for now, I think it's reasonable to assume every active admin has heard of it, and nobody will be surprised if their rights expire, so provided this gets enough publicity in the right places, we should just do it. Also, as I just said on another thread, I think it would also be helpful to make two factor authentication mandatory for all admins, and desysop those who do not turn it on. It would stop this kind of disruption. Ritchie333 ^{(talk) (cont)} 18:09, 22 November 2018 (UTC)[reply]

I agree with the idea of desysoping (or at least warning) people for not using 2FA, but there would have to be some kind of cool-down period. Earlier this month, I had to get my phone replaced, meaning I went a day or so without 2FA. It simply wouldn't have been efficient to remove the bit for only 24 hours (especially because I was still active). Perhaps existing admins should get a month or two to set it up, all new admins get one week post RFA closure, and all admins that need to temporarily disable it also get a week. Anarchyte (talk | work) 23:12, 22 November 2018 (UTC)[reply]

I strongly disagree with any forced 2FA idea. Forcing editors to have a certain device in order to be admins runs contrary to our most basic principles. There is no rational reason to preclude people unwilling or unable to use such additional devices from being admins. Especially since 2FA is still a hassle as Anarchyte points out and any problem with the device might render an admin incapable of editing at all. Plus, how many active admin accounts have been compromised? Regards SoWhy 11:58, 23 November 2018 (UTC)[reply]

I also strongly oppose mandatory 2FA. Benjamin (talk) 01:12, 25 November 2018 (UTC)[reply]

Which part of our basic principles is it that requires insecure login methods?  — Scott • talk 15:42, 3 December 2018 (UTC)[reply]

• Support though I fear that this is symbolic as all the inactive admins will come out of the woodwork to oppose. --Rschen7754 18:15, 22 November 2018 (UTC)[reply]
• Oppose obviously seeing as not all admin actions are "logged" (for example edits to protected pages, statements in admin function such as WP:AE posts, "Stop this or I'll block you" threats and so on). Other projects which have such inactivity policies have had drama centered on whether non-logged admin actions count and there is the additional concern that such a policy would create an incentive to perform inappropriate but logged actions instead of appropriate but not logged actions. That, and I am sure we can count non-logged admin actions... Jo-Jo Eumerus (talk, contributions) 18:13, 22 November 2018 (UTC)[reply]

  In that scenario (eg: "Hey, I was busy promoting DYKs from prep to queue, now I can't!") I think they should be able to get the tools back ASAP if they just ask at WP:BN. I'm not anticipating a rush. Ritchie333 ^{(talk) (cont)} 18:17, 22 November 2018 (UTC)[reply]

  Yes, but if they're actively doing things that don't get logged for twelve straight months they clearly not actively using the tools, and as Ritchie said they can just ask for them back. It's not a disincentive to adminning, it's purely a security feature. Ivanvector (^Talk/_Edits) 18:53, 22 November 2018 (UTC)[reply]

  @Ivanvector: be careful not to set up loop here as well - example: don't log anything for 12 months, then say "hey I'm back resysop me", then they don't use it right away - do we just pull it again? — xaosflux ^Talk 19:19, 22 November 2018 (UTC)[reply]

  Process-wise we would likely only review these once a month, for what it's worth. — xaosflux ^Talk 19:20, 22 November 2018 (UTC)[reply]

  Well, I'm not a 'crat, but I would say yes, create that loop. It's slightly better (security-wise) than the current loop of notify admin, "hey i'm not idle", then they spend another year idle with admin access. Ivanvector (^Talk/_Edits) 19:57, 22 November 2018 (UTC)[reply]

  @Ivanvector: perhaps you have considered this already, but significant areas of admin activity are not logged. Anything main page related, and anything related to editing restrictions other than blocks, will not appear in the logs. I know several admins who stick to main-page work. Vanamonde (talk) 05:58, 23 November 2018 (UTC)[reply]

  @Vanamonde93: yes, that has come up, there's a discussion about actions that aren't logged below. It is a very good point. Ivanvector (^Talk/_Edits) 13:12, 23 November 2018 (UTC)[reply]

• Support both this proposal and the additional requirement for 2FA by Ritchie333 above. Bradv 18:19, 22 November 2018 (UTC) Striking 2FA comment, as that is not part of this proposal. Bradv 20:26, 23 November 2018 (UTC)[reply]
  • I agree with the 2FA requirement, but should that be a separate proposal? Jack N. Stock (talk) 18:34, 22 November 2018 (UTC)[reply]
  • Yes, that should be a separate proposal and has been a few times. As I understand it 2FA is still considered "beta", and there has been significant pushback whenever anyone suggests it be required for any level of account. (The functionaries email list blew up over this very recently, and that's only a few dozen users) Ivanvector (^Talk/_Edits) 18:55, 22 November 2018 (UTC)[reply]

    WP:INTADMINs are required to have 2FA but that is only because of a mandate from the WMF Galobtter (pingó mió) 19:01, 22 November 2018 (UTC)[reply]

  • Yes, the 2FA requirement should be a separate proposal. And it probably is premature, as 2FA is not even available to non-admins yet. Bradv 19:02, 22 November 2018 (UTC)[reply]
• Support. We need to do something about all the hat collectors who refuse to give up their unused permissions. It's a security risk, and they can ask for their permissions back if they're actually doing something useful. NinjaRobotPirate (talk) 18:27, 22 November 2018 (UTC)[reply]
• Support - TNT ^💖 18:52, 22 November 2018 (UTC)[reply]
• I'm curious how many administrators presently meet this criteria? –xeno^talk 18:58, 22 November 2018 (UTC)[reply]

  @Xeno: 288 per this list (including 4 'crats). — xaosflux ^Talk 19:05, 22 November 2018 (UTC)[reply]

• Ivanvector this should be an WP:RFC, and also on WP:CENT. Galobtter (pingó mió) 19:02, 22 November 2018 (UTC)[reply]

Good point. RfC banner added, and I'll advertise on CENT as soon as I figure out how that works. Ivanvector (^Talk/_Edits) 19:09, 22 November 2018 (UTC)[reply]

• Strong support This should be done to any account with advanced permissions, such as rollbackers and reviewers, not just admins. funplussmart (talk) 19:05, 22 November 2018 (UTC)[reply]
• I suggest that this proposal should also modify the lengthy inactivity section to clarify that the clock for the three years of uninterrupted inactivity always starts with the last edit, and not with the last administrative action. isaacl (talk) 19:05, 22 November 2018 (UTC)[reply]
• Support the original proposal per the nominator, oppose making 2FA mandatory. I'm presently unable to use it as my only compatible second device is away being repaired (due to an obese battery). There is also insufficient capacity at the WMF to handle users who have problems with it. Thryduulf (talk) 19:31, 22 November 2018 (UTC)[reply]
• Oppose if you're going to get rid of the edit requirement then you need to have some sort of protection for admins who perform non-logged actions. We've had admins who only take part in admin actions that don't generate logs, such as editing the various bits of the main page. Such an admin would be desysopped even though they're still performing admin actions. Yes, they could ask for the admin tools back, but I don't see why they should have to every month just because of a badly drafted policy. Strictly this would also allow new admins and recently resysopped admins to be desysopped as well. Hut 8.5 21:01, 22 November 2018 (UTC)[reply]
  • I imagine the bureaucrats would just skip that admin each month, knowing that they are performing non-logged administative actions. As long as the number of these are low, it should be manageable. isaacl (talk) 22:47, 22 November 2018 (UTC)[reply]
    • They might skip them, they might not. There would be no policy basis for doing so and bureaucrats tend to be keen on sticking to procedure. The more of these admins there are the harder it is to justify not desysopping them. The whole issue could be avoided by striking one word from the proposed policy change. Hut 8.5 20:37, 23 November 2018 (UTC)[reply]
      • @Hut 8.5: I have no problem with that personally, but then we're asking the 'crats to take on the non-trivial work of judging which admins are active. There's a proposal below to implement a log for editprotected actions, so that editing a protected page will be a logged action and count toward activity with this wording. And viewdelete has come up but as I understand how filters work just looking at a deleted page is not something that can be logged, but so far a theoretical admin who only uses viewdelete is an extreme edge case. Ivanvector (^Talk/_Edits) 20:55, 23 November 2018 (UTC)[reply]
      • Sure, I don't have an issue with removing the word "logged" from the proposed text. "may be desysopped" leaves the door open for judgment, but I agree that there isn't a need to limit the range of applicable administrative actions. isaacl (talk) 21:00, 23 November 2018 (UTC)[reply]
        • I'd be happy to support this if the activity requirement was defined in terms of admin actions, where an admin action is something which can only be done by an admin and which shows up in your contribution history somewhere. That would include editing fully protected pages, closing discussions which have to be closed by admins, imposing discretionary sanctions and probably a few other things. I agree viewing deleted pages isn't enough and we can't verify it anyway. "Logged action" will be interpreted as something which shows up in Special:Log, which is more restrictive. Hut 8.5 21:42, 23 November 2018 (UTC)[reply]

  That's the intent, really: by "logged action" I mean "some action that requires admin permissions". Up until very recently (see below) I was under the impression all admin actions were logged in one way or another. Logging everything admins do is good for accountability, and also has this side benefit of being an indicator (by absence of log entries) of which admins are not actively adminning, and so I went with "logged action" for the policy wording. But it's just as well if it's wording meaning "any administrative action" as long as we have an unchallengeable definition (i.e. editing a protected page is, closing an RfC is not; it's something non-admins cannot do, not just something they shouldn't) and some way to measure it (i.e. logging, or maybe a bot to do the check, or calling on the 'crats to do it). Ivanvector (^Talk/_Edits) 22:06, 23 November 2018 (UTC)[reply]

• Sounds like a use case for Wikipedia:Interface administrators. If an admin exclusively edits interface pages and has no interest in performing logged actions, then in the interest of security, they should not retain the entire administrator tool set -FASTILY 21:48, 22 November 2018 (UTC)[reply]

• Interface admin allows people to edit interface pages, not ordinary full-protected pages. Furthermore interface admins can do a lot more damage than admins and you have to be an admin to be an interface admin. Hut 8.5 22:04, 22 November 2018 (UTC)[reply]

• Support, and Support 2-factor authentication as well. I'd prefer 6 months, but as some admins seem to think 12 months means one month, that would only confuse them. DuncanHill (talk) 21:05, 22 November 2018 (UTC)[reply]
• Strong Support. As Wikipedia's reputation and popularity continue to grow, it's imperative that we take security/user access controls more seriously. -FASTILY 21:51, 22 November 2018 (UTC)[reply]
• I support this too. Taking out the notifying part is a good idea. BTW Esanchez7587 should have lost the bit a year ago. Drmies (talk) 21:57, 22 November 2018 (UTC)[reply]
• Oppose The Administrators are still using their account. —Eli355 (talk • contribs) 22:19, 22 November 2018 (UTC)[reply]

*Support - We're not in 2006 anymore and this isn't a small fairly unknown website, We're currently the 5th visited website in the world and as such in this day and age account compromises really shouldn't be happening, But compromises can and do happen everywhere so we're not always going to be tiptop in that respect, Anyway I support the modification/update. –Davey2010^Talk 23:02, 22 November 2018 (UTC)[reply]

• Support - Not sure what I was going on about above .... but anyway admins logging in and making one logged-edit simply to keep their tools is ridiculous - If you're not actually going to help here then what's the point in keeping the bit ? .... so the silent removals (instead of notifications first) will hopefully stop this, As the saying goes: Use it or lose it. –Davey2010^Talk 12:37, 2 December 2018 (UTC)[reply]

• Support it’s not that difficult to make the trip to CAT:EX or CAT:G7 so the inevitable “people will make dumb actions just to keep the bit” thing falls flat. Opppse anything about mandatory 2FA. I use it, but we would lose several functionaries if we required it not to mention countless admins. TonyBallioni (talk) 23:07, 22 November 2018 (UTC)[reply]
• Support - Not sure how long it should be, but the constant gaming by inactive−but technically active−admins is counterproductive. Anarchyte (talk | work) 23:12, 22 November 2018 (UTC)[reply]
• Oppose. We want inactive admins to resume helping if and when they want to; there are life reasons someone may step away from the project, and not all will be willing to run the RfA gauntlet again as Opabinia regalis was. We don't want to encourage someone disaffected with the project but unwilling to surrender their tools to delete something or block someone just to keep them, even if it's an unquestioning response to a noticeboard request. Admins who do things like editing fully protected pages (not only DYK, but ERRORS comes to mind) are as useful as those who specialize in deleting and/or blocking, but the former don't appear in the easy to check log. (Nor does checking deleted contributions in evaluating how to speak to an editor, for that matter.) On the other hand I got lots of log entries for moving my own drafts to main space "without leaving a redirect". It's not a fair metric of admin activity. Desysopping for inactivity is also not an efficient way to protect against admin abuse: I recall one case where an admin ran wild including posting a philosophical musing to the Main Page. Emergency desysopping is the best strategy and less likely to lose us useful admins. And we already have that. I also recall seeing something about functionaries periodically testing admins' passwords for strength, but given other cases I recall, I doubt that's been being done. That would help (and would encourage those who don't have serious problems with two-factor authentication to take the step to get out of the resulting demands they change their single password). Also, admins are expected to have e-mail turned on; has any thought been given to bureaucrats' e-mailing those who don't appear to be using their tools, asking whether they would consider handing them in voluntarily? Yngvadottir (talk) 23:17, 22 November 2018 (UTC)[reply]
  • There is no need to run the RFA gauntlet again if you return with 2-3 years, that bit wont change. Thryduulf (talk) 23:22, 22 November 2018 (UTC)[reply]
  • (edit conflict) Yngvadottir, I think you're misunderstanding the proposal. This isn't "anyone who doesn't use their admin tools for a year has to re-run RFA", it's "anyone who doesn't use their admin tools for a year has to post a request at WP:BN for them to be turned on if they decide to start admin-ing again, and the crats will automatically do so". ‑ Iridescent 23:23, 22 November 2018 (UTC)[reply]
    • @Thryduulf and Iridescent: Ah. Thanks for clarifying. I've done some striking at the start. Yngvadottir (talk) 23:32, 22 November 2018 (UTC)[reply]
• I would prefer to increase the requirement on what constitutes as "active". An editor who has six edits over two years should not be considered active enough to keep the tools. Mkdw ^talk 23:35, 22 November 2018 (UTC)[reply]
• Support Use it or lose it. The current requirement of needing a single edit in a calendar year is routinely gamed and far too low of a bar for retaining advanced permissions that can cause wide-spread disruption. Having read through previous related discussions I have never seen anyone present a compelling argument against implementing more stringent requirements.-- Jezebel's Ponyo^{bons mots} 23:43, 22 November 2018 (UTC)[reply]
• Support We have nearly 80 admins who have edited in the last 12 months but haven't performed a logged admin action for over five years (in a few cases, ten). All of those, unless they're performing a large amount of non-logged actions - which I doubt - need to lose the bit. There's even a few there who have never passed an RfA .... Black Kite (talk) 23:59, 22 November 2018 (UTC)[reply]
• Support per nom and above supports. ZettaComposer (talk) 00:53, 23 November 2018 (UTC)[reply]
• Support this system is easier to implement, prevents gaming, and has good rationale as per nom. --Tom (LT) (talk) 01:08, 23 November 2018 (UTC)[reply]
• I don't like the idea of -288 admins and -4 crats. I do like the idea of 2fa being mandatory. SQL^{Query me!} 02:34, 23 November 2018 (UTC)[reply]
• Support. Removing privileges from admins who don't engage in any admin activity is a "paper loss", but a compromised account with privileges causes real harm. The standard proposed is still conservative and easy to meet. By comparison, some other WMF projects have requirements for admin actions every 6 months. (See meta:Admin activity review/Local inactivity policies for more information on other projects' policies.) --RL0919 (talk) 02:44, 23 November 2018 (UTC)[reply]
• Support. Re-requesting the bit if it's been removed is no big deal; compromised admin accounts meanwhile pose a much larger issue to the project. Home Lander (talk) 04:18, 23 November 2018 (UTC)[reply]
• Oppose. First off - This is very premature. Difficult cases make bad law; it's always a bad idea to respond to an event by immediately trying to create a policy that will prevent its recurrence. There has not yet been an analysis of what was going on here. We don't actually know if this is a compromised account; really, what we have is an admin account that acted in an unacceptable manner. Conclusions have been leapt to, and they have not yet been proven. Second - there's no evidence that this change will prevent future similar episodes. The vast majority of administrator accounts that required their privileges to be yanked were those of administrators who would easily have met these more stringent standards, let alone the current ones. Come back in a month, with greater research and good evidence that the proposal will likely prevent rogue administrator actions, and then we can talk. Risker (talk) 04:40, 23 November 2018 (UTC)[reply]

  We do know that the account was compromised (related phab task) but otherwise agreed that knee-jerk reactions aren't the way forward here. -- Ajraddatz (talk) 05:14, 23 November 2018 (UTC)[reply]

(Unfortunately the task is not visible to the public.) — regards, Revi 05:17, 23 November 2018 (UTC)[reply]

What we do know is that the same person has compromised (or at the very minimum, abused) 16 other accounts.[6] Personally I've no doubt about it. -- zzuuzz ^(talk) 07:20, 23 November 2018 (UTC)[reply]

Well, since Ivanvector below has indicated that this proposal isn't really about the recent admin account hackings, and it seems to now be understood that this wouldn't prevent hacking in the first place, I'd be willing to consider an increase in the activity levels of admin accounts. However, I do see lots of useful admin activities that are not logged. If there is to be a change in threshold for de-adminning, I'd go with any combination of X number of edits and Y number of logged admin actions within the previous 12 months, where the total of X+Y equalled some specified number; for example, there must be a minimum of 10 actions (either edits or logged admin actions) within the past year. I strongly believe, however, that the notification of a user that they are on the verge of losing their admin tools is absolutely mandatory; I actually don't understand why anyone would think it was okay not to do so. And it seems there is an agreement that 2FA is off the table too, which is a good thing, since it's really out of the control of a single project. Risker (talk) 02:25, 24 November 2018 (UTC)[reply]

It is about the recent hackings, but not meant to be a solution to that problem, just mitigating risk. If the idle hacked accounts had not had admin access then probably the hack would have just taken another form, the vandal has also been hacking accounts that only have rollback permissions. As for the notification requirement, my rationale for changing it is that in the policy's current form we let admins be entirely idle for an entire year, then we tell them to make one single edit if they want to hang on to the bit for another entire year, and in my view that entirely defeats the purpose of suspending the rights of inactive accounts. We might as well just not have this policy at all. If we alter the activity requirements instead, that could be an alternative to this proposal, but given that so many have already commented here on the original I think it would be a good idea to break that out into another subsection. Ivanvector (^Talk/_Edits) 14:58, 24 November 2018 (UTC)[reply]

Well, since it *is* about the recent hackings after all - and given the fact that as I write this I am currently investigating the most recent compromised admin account (of an administrator who is highly active)....this entire discussion is moot. This isn't going to stop the vandal involved, and I don't think it reduces risk whatsoever. Risker (talk) 20:33, 24 November 2018 (UTC)[reply]

• Oppose Having to ask for my bit back every month because I only edit protected pages is not an ideal scenario. Stephen 05:08, 23 November 2018 (UTC)[reply]
• Oppose - As a semi-active admin (but not one who would currently be desysopped under this proposal), I can't support this. I don't believe that the risk of rogue admin actions outweighs the harm to the project that would be caused by driving away semi-active admins who have put in a lot of time and edits, even if real life is preventing them from logging admin actions right now. In addition, desysopping without even a notification is cruel. -Danaman5 (talk) 05:39, 23 November 2018 (UTC)[reply]

"Cruel"? I had my admin rights on Monochrome BBS removed without asking sometime around 2002 (I couldn't even pinpoint the year, which is kind of the point) because of inactivity. All I said was "it's a fair cop". Ritchie333 ^{(talk) (cont)} 12:05, 23 November 2018 (UTC)[reply]

• Support Not really about security, because I feel that's a non-issue overall. But I have long thought this policy needed tightening up to stop people "playing the game". I would change it slightly though, to remove the word logged, so removals should be based on any edit or log which required admin status. Aiken D 06:37, 23 November 2018 (UTC)[reply]
• Oppose I was going to say what Risker said, but she already said it, so I can just say "what Risker said" ;) We can't just stop informing people of changes that concern them because we don't want them to actually act on that information. Adding to that, I always have a negative reaction to the tone of some of the comments in admin-activity discussions - there's always a lot of snippy posts about "gaming the system" and "hat collecting" and whatnot. Every time I point out that that was me at one point, I almost certainly would have done the "log in and make an edit or three" thing if I'd seen the messages while I wasn't active, and it would have been entirely due to thinking "oh yeah, it's been awhile, I should get back into that when I get some spare time" and then not following up due to, well, lack of spare time. And based on that the same stuff gets posted every time, it seems that pointing out that there's a perfectly reasonable good-faith thought process behind this behavior has exactly zero demonstrable impact on people's willingness to make kind of mean-spirited assumptions. That's not a reason to oppose on its own but it's a weird and off-putting pattern. *shakes fist at cloud* Opabinia regalis (talk) 07:10, 23 November 2018 (UTC)[reply]
• Question: What's the escalation plan for two years or so from now, when the new moral panic is about admins who create and then speedy a page in their userspace once a year? —Cryptic 08:25, 23 November 2018 (UTC)[reply]
• Support By definition, by not editing/doing an admin log in 12 months means they are not an admin! Lugnuts ^{Fire Walk with Me} 08:54, 23 November 2018 (UTC)[reply]
• Oppose, far too many "things only admins can do" don't appear in the logs. We need more admins not less. Fish+Karate 09:25, 23 November 2018 (UTC)[reply]

  And I will note this RFC has not been written neutrally. "Yet another admin account" implies this happens frequently; per Wikipedia:Former_administrators/reason/compromised, the accounts of Denelson83 and Esanchez7587 have both been compromised this year, but the last one prior to these two was in 2012. Nine compromised admin accounts in 12 years is not frequent. "Ran amok over the project" - they made zero edits and 12 administrative actions, 10 of which were blocks, all of which were undone within 33 minutes. Emotive language doesn't help anyone. Fish+Karate 09:44, 23 November 2018 (UTC)[reply]

  In 2016 quite a few admin accounts were hacked by OurMine (see [7]) and they're not listed there in former administrators because they recovered their accounts (see e.g this for locking and unlocking) Galobtter (pingó mió) 10:03, 23 November 2018 (UTC)[reply]

  And in 2015, a few accounts were compromised by an attack elsewhere, including two admin accounts. I can agree with the wording being a little iffy, though it's a little more understandable after these are factored in. Anarchyte (talk | work) 10:11, 23 November 2018 (UTC)[reply]

  Thanks both, I was not aware of these. This takes it to 14/15 or so admin accounts in 12 years, unless there's others still unlisted, which still doesn't strike me as a regular occurrence to the point 2FA has to be imposed on everyone. Fish+Karate 10:52, 23 November 2018 (UTC)[reply]

The reason they didn't appear to "run amok" after indef-blocking two long-standing users who tried to stop them is that a bunch of people scrambled around to get the issue fixed ASAP. As Anarchyte has mentioned, The page above does not document the incident where Salvidrim and OhiaUnited were compromised, or when Jimbo Wales' account was cracked and ran amok, for example. We need a full set of figures to be able to look at the facts correctly. Ritchie333 ^{(talk) (cont)} 10:20, 23 November 2018 (UTC)[reply]

These stats also don't count the several steward and functionary accounts that were also hacked recently, which could have caused serious actual harm (but AFAIK didn't). Not that this proposal would do much for those levels of permissions, I'm just saying this is quite far from an isolated incident. Ivanvector (^Talk/_Edits) 13:11, 23 November 2018 (UTC)[reply]

• Support- regardless this latest trigger issue. Not one iota of valid argument in any of the opposes so far. Leaky Caldron 10:15, 23 November 2018 (UTC)[reply]
• Support Everyone can edit, but only admins can make admin actions. Thus their level of activity should be judged by the amount of admin actions they make. I fully understand that some of these actions are not logged, but I don't view this as a reason to oppose. talk to !dave 11:15, 23 November 2018 (UTC)[reply]
• Conditional Support on the basis that an edit filter like the one Xaosflux proposes here (or some other solution) is adopted, so that all major onwiki admin actions are logged. Iffy★Chat -- 11:37, 23 November 2018 (UTC)[reply]

  @Iffy: These could be logged for bot review (see example on testwiki. — xaosflux ^Talk 14:45, 23 November 2018 (UTC)[reply]

• Support protection of the project clearly outweighs putting a legacy admin to the trouble of requesting their tools back occasionally. ——SerialNumber54129 11:48, 23 November 2018 (UTC)[reply]
• Oppose I wish people were pouring effort and creativity into keeping the editors and admins we have. Rogue accounts are easily dealt with. Making people go through any kind of hoop at the end of inactivity is an unhelpful additional barrier to their return. --Dweller (talk) Become old fashioned! 12:25, 23 November 2018 (UTC)[reply]
• I'm all for increasing the activity requirement for security purposes. At the moment it's anything greater than 0 activity. I'm not sure that greater than 0 admin activity is the right way to go - I'd be more keen to look for say, 50 edits per year. It will stop those who keep dormant accounts alive by making a single edit, yet should be easy to reach even at 5 edits per month, which is our definition of "active". Perhaps have 50 edits per year or 1 admin action per year? Regarding mandatory 2FA, I oppose. largely per Risker's diversity concerns. Worm^TT(talk) 12:28, 23 November 2018 (UTC)[reply]
• Oppose. (Disclaimer; this provision would have caught me out on multiple occasions.) The whole "reduce the potential for compromise" thing, I'm assuming is a complete red herring, unless anyone can provide any actual data to indicate that "admins who have edited within the past 12 months but haven't performed a logged admin action in that period"—the only group which would be affected by this proposal—are at any more risk of compromise than any other account. I'm a strong opponent of the current setup which allows legacy admins from the early days of Wikipedia to periodically emerge and start trying to enforce the standards of a decade ago, and would support some kind of periodic reconfirmation, but I don't see how this proposal would address either the security or the legacy admin issues. (What's to stop either a compromised account, or an incompetent legacy admin, from heading over to WP:BN and asking for the sysop bit back?) In all honesty, whatever the good intent of the proposers it looks more to me like an attempt to cull the number of admins via the back door. ‑ Iridescent 12:32, 23 November 2018 (UTC)[reply]

I don't particularly disagree with anything you've said here, but let me try and clarify my view on this. As I vaguely mentioned above, the inactivity standards here seem to be far higher than anything else I've personally witnessed - I've been the equivalent of desysopped for inactivity elsewhere without complaint (but perhaps I'm just the sort of person who shrugs shoulders and moves on) and when I was a regular on Monochrome BBS in the 1990s, policy was that if you didn't use any account (ie: basic user privs) for three months, it was deleted. Is that a good or bad thing, or just different? Secondly, I do think "culling the number of admins via the back door" is a fair point, and I think part of that is due to the dissatisfaction over "legacy admins" because it's too hard to pass RfA these days. Indeed, one of the reasons I went looking for admin candidates over the past 12 months was simply to try and dilute some of that, so that we had a fresh corpus of new admins bringing new ideas into the place, rather than having to rely on people with a grandfather clause. As for what else can do about that, I don't know. Ritchie333 ^{(talk) (cont)} 12:49, 23 November 2018 (UTC)[reply]

• I'm in a weird place here — In a vacuum I don't dislike the proposal, but a few of my "always agree with" editors have opposed, so per usual I'm in agreement with them. I like the policy change, if only because it will increase the churn and make it clear that +sysop isn't that big of a deal. I'm not concerned about unlogged sysop actions (although regardless of this the edit filter may be a good idea) because it should be easy to head over to BN and say "Yo, still sysoping here" and get the required bit back. That does, however, belie my real issue with this, which is that it doesn't solve the problem of compromised accounts. A user who is occasionally editing without any logged actions is no less likely to be compromised as they are indeed still using the account. I can support more stringent activity requirements, but I can't support this on the grounds of trying to solve compromised sysop accounts. Put more succinctly by Eli355, [t]he Administrators are still using their account. ~ Amory (u • t • c) 13:18, 23 November 2018 (UTC)[reply]
• Yes, but Only if DYK/Protected Logged - we frequently see DYK as a primary reason for suffering going through RfA, and protected edits must also count. I am in favour of this but at a minimum we need DYK logged and probably any protected edit tagged. Nosebagbear (talk) 13:49, 23 November 2018 (UTC)[reply]
• While I don't want to be one of those "old" admins coming out of the woodwork to reflexively oppose, I think I'm going to oppose. De-adminning for inactivity makes sense to me - if you don't log in for a long time, you may not know what's going on, and you may not be paying enough attention to your account to be sure it's secure. I could support reducing the window of inactivity in the project at all, but I'm not convinced that de-adminning for disuse is the right way to go. What the project needs isn't fewer admins - it's fewer inactive admins. So rather than quietly taking about the tool, why not nudge people to use them more? Something like a bot message that says "you have not made a logged admin action in the last 6 months. Here are some clean-up tasks you could help with". Maybe after a year, up it to "you haven't made a logged admin action in the last 12 months. Please drop by BN to confirm that you still want the tools". Sure, some people are going to make some logged actions just to hold onto the tools, but for every one of those, there would probably be 10 or 20 people who would say "you're right, let me help out a bit". At the very least, I think we should try to nudge people into activity instead. See if that works, before we go ahead with a proposal that, let's be honest, assumes bad faith on the part of inactive admins. Guettarda (talk) 14:17, 23 November 2018 (UTC)[reply]
• To be honest I'm surprised that so many editors are commenting here that this RfC is an attack on inactive admins. It's not, not at all, and I'm a little bit offended that it's being interpreted that way. It's purely patching a security vulnerability. Think of it like the front door of your house (apartment, dwelling, whatever). You have some friends over, you have a good time, eat some food, drink some beers, play some games, whatever. Then everyone goes home, and you close the door. You're still friends (presumably), they're still welcome in your home, but you don't just leave the front door open for when they come back (or you don't in this climate anyway). When they do come back, you look out your window or peephole or whatever, confirm it's your friend knocking on the door, then you welcome them back, eat some beers, drink some food, whatever it is you do for fun. That's all that this is. If an admin has been away for a while, they're still an admin, we just take their mop and hang it back in the closet while they're not using it. It's their mop, and when they ask for it back we gladly hand it back over, and then a bunch of people drop by WP:BN and leave notes like "hey welcome back! we missed you!" It's not a back-door desysop at all.

As for solving compromised admin accounts, of course this doesn't, it doesn't even really try to. As long as we have admins we're going to have hackers trying to crack admin accounts; some of them are inevitably going to be successful, and that is not the admin's fault. All this does is cut down on the number of doors left open to Wikipedia's house. And sorry for the crude analogy. Ivanvector (^Talk/_Edits) 15:29, 23 November 2018 (UTC)[reply]

• CommentI am not an admin so maybe there is something I am missing, but how does this helps security. Is there any difference in using your account to make admin actions or edits in terms of judging activity and the likelihood of an account to be compromised. Using Ivans open door comparison, you are just as likely to open your door to a friend who has come over for an informal chat as you are to your same friend who comes on some formal visit. They have still visited, even if it is only once a year. If it really is necessary to tighten security via counting actions I feel it would be better to shorten the time of inactivity or increase the minimum number of edits per year. AIRcorn (talk) 17:34, 23 November 2018 (UTC)[reply]

  I think the main goal is to reduce the attack vector; less admins means less accounts vulnerable to be compromised, and accounts largely inactive are likely that of users who may not be around to get the reminders and improve their passwords (noting another admin just got compromised..last admin action in 2014) Galobtter (pingó mió) 19:45, 23 November 2018 (UTC)[reply]

• Support, seems like a sensible reform. GAB^gab 18:20, 23 November 2018 (UTC)[reply]
• Oppose the change per Risker and Iridescent. Particularly with the attempt to backdoor force 2FA for admins. ♠PMC♠ (talk) 19:55, 23 November 2018 (UTC)[reply]

Oh, hey, just back from another cleanup from another compromised admin account. There is no "attempt to backdoor force 2FA for admins" going on here. I don't know how to more clearly or bluntly state that 2FA enforcement is not going to happen. If it does it will come from the WMF and we'll have no say in the matter. It's just not part of this proposal at all. Ivanvector (^Talk/_Edits) 20:19, 23 November 2018 (UTC)[reply]

@Ivanvector, the very first comment in the thread is make two factor authentication mandatory for all admins, and desysop those who do not turn it on. You can legitimately say that you don't agree with the attempt, but don't try to claim the attempt isn't being made. ‑ Iridescent 12:55, 24 November 2018 (UTC)[reply]

There is always some background minority push to do some thing that is widely not supported or technologically impossible. Mandatory 2FA for admins is one of those rare things which is both not widely supported and difficult technologically to implement (WMF's implementation, not necessarily 2FA in general, see Risker's comments among others). I view the attempts to wedge mandatory 2FA into this completely unrelated proposal as hijacking the thread, and I wager I am more angry about it than you are. Ivanvector (^Talk/_Edits) 14:13, 24 November 2018 (UTC)[reply]

• Oppose - Some form of removal notification is due, and it is possible to use the tools for the benefit of the community without logging any administrative action (e.g. viewing deleted page history). — Godsy ^(TALK_CONT) 20:08, 23 November 2018 (UTC)[reply]
• Support If you are not using the tools, you will not miss them. If you do want to use them, all you have to do is ask for them back. It's a small hoop to jump through for the sake of fewer sysop account with the potential to be compromised. The benefits to the project outweigh the inconvenience to any very infrequently active admins that this would affect. Natureium (talk) 20:27, 23 November 2018 (UTC)[reply]

• Comment - We've had another cracked admin account this evening, no logged activities for four years, vandalised the main page, deleted today's featured article and indeffed a bunch of admins. Does this influence anyone's opinion? Ritchie333 ^{(talk) (cont)} 20:33, 23 November 2018 (UTC)[reply]
• Support The base proposal without requiring 2FA. It should remain a strong recommendation though. Also support "logged actions" being extended to use of editprotect and tracked via the edit filter mentioned above. — AfroThundr ^{(u · t · c)} 20:49, 23 November 2018 (UTC)[reply]
• Support The time for pearl clutching is OVER. 2 compromised accounts in a few days is unacceptable. Furthermore it will make the Mop Holder "Put up or Shut Up". Either they do have a need for the admin toolset (or can relatively easily get it back) or they don't need the tools any more. I agree with the provisos regarding certain unlogged items that should count as activity (though why we couldn't get those logged as admin activities is annother question). I note that previous attempts to get admins to maintain secure passwords (or 2FA) were turned down as beyond scope, however the outbreak of compromised administrator accounts requires us to exercise the more painful choice. Hasteur (talk) 22:27, 23 November 2018 (UTC)[reply]
• Support Long overdue. The counterargument that not all admin actions are logged, while technically true, is a red herring. If you are only using adminship as a status and to peek at deleted material, you aren't doing an admin work. With two inactive accounts compromised in as many days it should be abundantly clear that this is needed. The policy will still be quite lax. Beeblebrox (talk) 23:46, 23 November 2018 (UTC)[reply]

• Support - There are too many Admins gaming the system by making one edit a year to keep hold of their Admin bit when notified, and not making one Admin action for several years. It is about time we use common sense and stop this charade. JMHamo (talk) 00:23, 24 November 2018 (UTC)[reply]
• Oppose When I first started reading I was intending to support. However, after reading some comments above, specifically Cryptic's about there still being a very easy loophole to keep the tools. The only counter to that is not telling admins that there tools are about to be yanked might work the first time, but, after that it won't be difficult to add a yearly reminder to create then speedy delete a userspace page. This would be especially easy to circumvent if edits to protected pages count as admin actions for this proposal, as one edit per year is still all that's required, it'd just need to be to a protected page instead of any page. Perhaps it might be better to increase the number of edits and/or logged actions are required to keep the tools. Callanecc (talk • contribs • logs) 01:04, 24 November 2018 (UTC)[reply]
• Support - Per nom, remove irresponsible "gaming the system" and just plan account security. - FlightTime (open channel) 02:44, 24 November 2018 (UTC)[reply]
• Support The comments about unlogged admin actions, moral panic, and suggestions of how an admin could game the system miss the point which is that reducing the attack surface is the first principle of security. That's all. Unlogged admin actions can be solved with a cratchat to establish an exception for a particular case. Concern about biting inactive admins can be solved by crafting a good message thanking them for their work and letting them know they can easily regain the right. That process should emphasize the need to have a unique password. Almost certainly the hacking of several admin accounts in the last couple of years was done by people matching the list of admins with lists of user accounts hacked on other websites and finding cases where the hacked password was reused at Wikipedia. Admins who are genuinely active are much more likely to have thought about security and we can hope they use a unique password. Johnuniq (talk) 03:03, 24 November 2018 (UTC)[reply]
• A further suggestion: how about not calling it "desysopping", but something like "suspension of administrative rights"? The admin in question is not being removed from the administrator corps, and can continue to do all the same administrative actions as before that do not require administrative rights (including deciding not to take any actions). Should the admin wish to take an action that requires the administrative rights, an extra step of requesting that administrative rights be re-enabled is needed. isaacl (talk) 03:21, 24 November 2018 (UTC)[reply]
• Support This is a political question, and I'm strongly in favor of there being more situations where admins have to say hello at WP:BN after a moderate duration absence from regular activity, or re-RFA after a longer one. I do agree with the concerns that editing the various full-protected transclusions of the Main Page should be tracked as admin actions for inactivity measurements if this is implemented; the case that an editor only edits other full-protected pages is unlikely enough to be ignorable. power~enwiki (π, ν) 03:30, 24 November 2018 (UTC)[reply]

  I must note that I don't see the security concerns as a good reason to support this, though it's a plausible excuse to re-start this perennial discussion. A more effective way to handle security concerns would be to inform all admins who haven't changed their password since 2013 that they have 30 days to change their password to one that meets security guidelines, or they will lose their admin privileges. Simply reducing the number of admins does nothing good (I concede we could completely avoid the risk of hacked admins by having no admins at all); this proposal acts as a (weak) proxy for reducing the number of admins who have insecure accounts, which is what is needed. power~enwiki (π, ν) 03:30, 24 November 2018 (UTC)[reply]

  Is there a way to force password change, maybe in LocalSettings.php, say every 90 days or whatever span of time ? - FlightTime (open channel) 03:47, 24 November 2018 (UTC)[reply]

  I note you're both making an assumption that passwords created in 2013 or earlier don't meet current security guidelines, or assuming that the security guidelines should include mandatory password changes. You may want to read https://www.ftc.gov/news-events/blogs/techftc/2016/03/time-rethink-mandatory-password-changes about the latter. (P.S. Yes, mw:Manual:$wgPasswordExpirationDays exists) Anomie⚔ 15:49, 24 November 2018 (UTC)[reply]

I'm no assuming anything, I was merely asking a question. - FlightTime (open channel) 23:25, 24 November 2018 (UTC)[reply]

• I don't assume that all early passwords are weaker, but I believe the software-enforced minimum password strength has increased over time (if you believe all the comments here, at one time 1-character passwords were allowed, and that certainly should not be allowed). Forcing everyone to do a one-time password rotation might be a better option. I don't support a mandatory 90-day expiration period; in my professional experience in the technology industry rotation periods of less than 1 year are almost always harmful in improving security. power~enwiki (π, ν) 16:15, 24 November 2018 (UTC)[reply]

• Oppose - As others have said, there are admin actions which are not logged. There are a lot of permissions in the admin toolkit, and most are not logged, and many are of indirect, rather than direct use. This has been stated in every one of these discussions. that fact hasn't changed. Plus there are things admins do which require access to certain tools, but which may not need their actual usage in that specific instance. Such as closing a deletion discussion. Also, we prefer admins to embody restraint in regards to tools. This sort of proposal will just cause people to think they shouldn't act with restraint. And besides that, we'll start seeing logs bloat with barely accountable actions. Want an example? Handing out rollback is something an admin can do. And hey, it's even logged! So every admin just goes and gives rollback to someone. And to really make it fun, give rollback to an inactive admin... Tell me what's been solved? And finally, the moment an admin account has been compromised, wouldn't the compromiser immediately do an admin action? And so wouldn't that pretty much void the justification for this proposal? This may be a well-meant proposal, but it just really is a bad idea. - jc37 04:38, 24 November 2018 (UTC)[reply]
• Support - Given recent events, this proposal is more than necessary. A year without a logged action is an enormous window, and any affected admin can just pop over to WP:BN and ask for the bit back. Nathan2055^{talk - contribs} 05:23, 24 November 2018 (UTC)[reply]
• Strongest possible oppose Does it ever occur to you that not all of us have smartphones and never plan to have them, so not all of us have the option of 2FA? I don't really have an opinion on changing the activity requirements, but don't take away my user rights as long as I'm using them in a proper fashion. Period. Nyttend (talk) 05:45, 24 November 2018 (UTC)[reply]

  Nyttend, 2FA isn't actually part of this proposal. I apologize for my earlier comment conflating the two ideas, but this is only about the activity requirements. Bradv 05:47, 24 November 2018 (UTC)[reply]

  And 2FA doesn't need a smartphone anyway - there are 2FA apps for computers too. Boing! said Zebedee (talk) 08:15, 24 November 2018 (UTC)[reply]

• Support. - There are a few pretty egregious individuals, basically NOTHERE administrators, if you will, who do a couple bland edits a year to retain tools. We need to get a handle on how many or few administrators there actually are, and these phantoms impede an accurate assessment. Carrite (talk) 07:57, 24 November 2018 (UTC)[reply]
• Support. As others have opined, if you're not going to use the admin tools then you shouldn't have them. And it's easy enough to restore the bit to someone who is genuinely going to use it. I'll just add that my opinion is not related to the recent hacks, it's a view I've held for a long time. Boing! said Zebedee (talk) 08:18, 24 November 2018 (UTC)[reply]
• Support disabling inactive rights is basic risk management in any it organisation. Doing one or two dummy edits a year is WP:GAMING of the inactivity rule and shouldn't be encouraged. --Pudeo (talk) 09:04, 24 November 2018 (UTC)[reply]

• Agree that gaming the system is a problem. Disagree with the proposed solution to the problem of not notifying the inactive admin. The right way to deal with this is like we do with 3RR: an editor who repeatedly waits until just after the 24 hours is still treated as an edit warrior. Likewise, we can treat any pattern of dummy edits that are clearly designed to avoid the inactivity rules as we would treat any other inactivity. --Guy Macon (talk) 09:41, 24 November 2018 (UTC)[reply]

• Support any proposal to tighten admin standards and accountability. feminist (talk) 09:55, 24 November 2018 (UTC)[reply]
• Oppose This proposal as drafted risks exacerbating a bigger problem than it seeks to address. Our problem of admin retention is much much more serious than any problem that the current proposal is hoping to mitigate, and auto desysopping makes Wikipedia less welcoming for returning admins. I would be more relaxed if this was a more nuanced reform with the period of time that old admins could return after increasing and the introduction of a meaningful test for such returnees. For example one day of renewed activity (not necessarily contiguous) per year of absence, up to a maximum of ten years since being desysopped for inactivity. That would give the community a reasonable chance to assess if the returnee had remembered/refreshed and updated themselves about Wikipedia, and showed enough commonality and experience that they were likely the same person. ϢereSpielChequers 13:43, 24 November 2018 (UTC)[reply]

• Why do we need to retain an admin who performs 1 admin. action a year? They are not productive in any meaningful way and simply inflate a headline Admin. count which does not reflect true productivity in anyway. Rather like many of the stats. you churn out from time to time, it is a meaningless total when a large number do next to nothing. Leaky Caldron 14:27, 24 November 2018 (UTC)[reply]

• Actually I'm not interested in retaining as admins those who only ever do one or two admin actions a year. I'm interested in retaining and keeping an open door for formerly active admins who might become active admins again in the future. such as retaining/reactivating more of the formerly active admins who return here after long periods of time. The problem is that once someone has dropped to a very low or zero level of activity we currently have few tools to tell who might return in the future and who will never return. So I've no problem assuming that those who have died won't be back, but with the project not quite 18 years old we have no way of knowing how many adolescents who go inactive after less than a decade of activity will return once they have retired, or before. We don't yet have anything close to a figure such as "after x years of inactivity the chance of return approaches zero". ϢereSpielChequers 17:07, 24 November 2018 (UTC)[reply]

• Support This is a simple, non-punitive way to keep our admin roster at least a little bit up to date. Powerful tools should not be attached to inactive accounts, that's all. If people aren't using WP at all, they should not have admin tools. If they are only logging on once a year because they got an email warning, they should also not have admin tools. I agree with the proposal as written, with the one addition that a note should be put on their user talk page, AFTER the desysop, explaining what happened and why, with the assurance that it is just a security measure and does not reflect any wrongdoing on their part, and they can get their tools back via a simple request at BN. -- MelanieN (talk) 15:23, 24 November 2018 (UTC)[reply]

P.S. I very much like Isaacl's suggestion that such action be called "suspension of administrator rights" rather than "desysop". -- MelanieN (talk) 15:31, 24 November 2018 (UTC)[reply]

• Oppose the wording as written above. There are plenty of times where I have been an active administrator even though I didn't use "logged administrative actions". Especially when I'm engaged at WP:AE, my preference is to do unlogged actions such as warnings, rather than blocks. I'm not opposed to tightening up the policy in other ways, like if someone has fewer than 10 edits per year, that might be reasonably viewed as inactive. Then again, if those edits are at administrator pages such as WP:ANI, WP:AE, comments at ArbCom pages, or anything in the Wikipedia space (as opposed to user/article pages), then I would see that as being more active. --Elonka 22:25, 24 November 2018 (UTC)[reply]
• Support, sans 2FA and with the "suspension" wording. I've thought about this very carefully, particularly because I take the oppose comments by Risker and Opabinia very seriously. And I would be opposing if, hypothetically, the proposal were to require a new RfA. But posting a message at BN and waiting 24 hours – that's hardly a burden. I do agree with Ivanvector's analysis of partially reducing security risks (no need to let the perfect become the enemy of incremental improvement), and also with the view that we really expect active admins to be able to easily satisfy the revised requirements. Wikipedia is simply not the website that it was a decade ago. In some ways, we should expect more "professionalism" from all editors, but certainly this isn't an imposition on those users who want to have advanced permissions. --Tryptofish (talk) 22:46, 24 November 2018 (UTC)[reply]
• Support - Regardless of the recent activity, this would be a good policy. "Retaining" admins who do not participate isn't retention.Onel5969 ^{TT me} 23:18, 24 November 2018 (UTC)[reply]
• Oppose per Dweller. Kaldari (talk) 00:46, 25 November 2018 (UTC)[reply]
• Weak Support As the incident involving Killiondude demonstrated, this can happen to anyone, and isn’t only limited to inactive admins. I support this only for the fact that it might be a more effective deterrent to a black hat trying to get access to vulnerable admin accounts. OhKayeSierra (talk) 01:03, 25 November 2018 (UTC)[reply]
• Support tightening desysopping (or "suspension") rules though there is probably a better way to get around admins who may attempt to "game the system" by speedying a bullshit page they create in their userspace so they've technically logged an "admin action". Of course, if an admin just wants to keep the tools for fun rather than to use them constructively to improve the project, it reflects poorly on their suitability for having the bit in the first place, not to mention the security concerns discussed many times above. IntoThinAir (talk) 01:40, 25 November 2018 (UTC)[reply]
• Support The potential for an admin who performs non-logged actions being de-sysoped is a non-starter for me. All it takes to stop that from happening is to do a 2-minute drop-in at requests for page protection once a year. The amount of time expense to do that is less than the amount of time expense to clean-up after a compromised account. Chetsford (talk) 05:26, 25 November 2018 (UTC)[reply]
• Strong Oppose - I find the removal of a notification requirement to be a non-starter and contrary to our basic principal that someone should be notified before an action is taken against them. If someone is inactive, it does not mean that they will not come back nor that they cease being a member of the community. As someone who tends to come and go (and is also an admin) even if I'm not fully active at a given period, I do make occasional edits, maintain a strong, secure, and unique password, and see all messages (via notification and email) especially because I run a few bots. Further, the requirement for a "logged administrative action" as opposed to just editing seems to go against the spirit of us being here to build an encyclopedia and the goal that the appurtenant bureaucracy should just be ancillary. If someone is editing without using the tools it does not make them any less trusted or capable of using them responsibly them when they do need to use them. Further, administrators can, and do, add value by helping at WP:DYK (where I personally do quite a bit of work), WP:EDITREQ, and in other places where the tools are of value or essential even if their use is not formally logged. Finally, I agree with Risker's comments above and do not believe that this will meaningfully increase security. If we want to increase security, the strength of your password, it not being reused elsewhere, and 2FA (current technical issues and lack of support notwithstanding) are much, much more important to look at than activity. Regretfully, it looks like the group targeting admin accounts has enough sophistication to understand a bit of our inner workings, if an outside actor were to compromise a highly active admin account (as has happened before), all they would need to do is wait for the user to be offline or asleep to act. Our default edit counter (shown at the bottom of each user's contributions page) even has a "timecard" feature (see here for mine) which graphically shows a time distribution of your edits. Even if we were to disable this feature, it is not hard to figure out when I, or any other user, is almost never online. While I strongly agree account security, especially for accounts with advanced permissions, is essential, I cannot support this as I do not believe it helps us move towards additional security and am deeply concerned it could drive away valuable and respected editors and make it harder for them to return (similarly as Dweller pointed out above). Best, Mifter (talk) 06:27, 25 November 2018 (UTC)[reply]
• Weak Oppose I want a solution that 1. fixes this problem and 2. doesn't feel punitive to good-faith admins who for whatever reason are inactive for a while. I'm not sure this proposal does either of those things. If we want to prevent hackable accounts causing problems, require ALL admins to change their password regularly. And is there any way to show on the password reset page the results of that little handy tool Guy Macon links to below? If admins are told when they reset their password how hackable their password is, and just how attractive a target WP is, I would assume good-faith admins would go ahead and create an unhackable phrase rather than coming up with yet another version of pa55w0rd. And if after that they still do create a crap password and get hacked, THEN they get punished lol valereee (talk) 12:21, 25 November 2018 (UTC)[reply]

• The tool at http://rumkin.com/tools/password/passchk.php might be a better choice. That checker is The code is licensed under the GPL, so we are free to use it. --Guy Macon (talk) 16:33, 25 November 2018 (UTC)[reply]

• Support. Inactive bits must be frozen. But given the number of administrators who are not convinced that security issues could be more than a "set-up to thwart Ivanka" ... we will probably have to wait for a big drama, followed by panic countermeasures imposed by SanFran. Pldx1 (talk) 14:43, 25 November 2018 (UTC)[reply]
• Support. I would want admins to be actively using their tools, but I disagree "logged actions" being the cut-off. Instead, I would want to extend this to any activity that could not be performed by a non-admin. I would want to have a notice given for admin accounts that are performing edits on a semi-regular/regular basis for the impending removal of rights, but for completely inactive accounts the notices seem unnecessary. Only providing notices to accounts with more than just a couple of edits a month would help to circumvent the problem of admins hogging their admin privileges when they are inactive. Dreamy Jazz 🎷 ^{talk to me | my contributions} 16:52, 25 November 2018 (UTC)[reply]
• Oppose. I have been an admin for over ten years. I am an active editor; I'm on pretty much every day. My understanding always was that admin privileges are intended to be used sparingly. I try to warn vandals rather than block and I don't waste effort blocking IP accounts that appear to come from public terminals in schools. Usually after being warned and reverted a couple of times vandals just go away. I try to help settle disputes where I can and that often makes me an "involved editor" so I sometimes have to rely on other admins if my efforts fail and blocks are needed. A few times when I did use my bit, it just made a bad situation worse. Nonetheless, there are times when I do use it and often having to wait for permission to get it back would allow damage to persist too long. I would not object to tighter authentication requirements for admins, perhaps re-authentication when the bit is used after an absence from editing (rather than relying on "keep me logged in"). But I don't think admins who are active on the project should be incentivized to use their privileges any more than they deem necessary.--agr (talk) 17:35, 25 November 2018 (UTC)[reply]
• Support If you do not use your administrator rights you do not need them but i oppose the requirement of 2FA as not all admins have phones and the way Wikipedia uses 2FA has issues Abote2 (talk) 22:20, 25 November 2018 (UTC)[reply]
• Oppose. Wikipedia is becoming more punitive. People should always be notified when things are planned that affect them. There seems to be a trend toward trying to make people do things in a particular way or in a particular time frame recently. I contend that this attitude is driving users away. As a volunteer organisation we should be doing everything we can to retain and encourage users. Also rushing to change policy in reaction to a specific situation is never a good idea. Morgan Leigh | Talk 22:28, 25 November 2018 (UTC)[reply]
• Oppose. This is security theater. We are going to have compromised accounts and do need processes in place to prevent it, mitigate the damage, and allow recovery. The reduction in the size of the attack surface that would result from this policy change is simply not significant, and the consequences for editor engagement over time are considerable. The Uninvited Co., Inc. 00:22, 26 November 2018 (UTC)[reply]
• Conditional support on the condition that any former sysop who hasn't fallen short of the 3-year lengthy inactivity rule can regain the sysop flag anytime via WP:BN. In other words, I would support this proposal for as long as it only removes the technical permission of an admin who still edits occasionally but hasn't used any admin privileges, but retains the policy permission for those admins to regain their technical permission whenever they need it back. Also strong oppose requiring the current implementation of WMF 2FA per diversity issues raised by Risker et al and the technical issues raised on phab:T172079. Deryck C. 16:05, 26 November 2018 (UTC)[reply]
• Strong Oppose -- This won't solve any problems. Just see the recent temporary desysop of Killiondude. The account was compromised and the real editor had edited the day before. I would much rather see an actual activity requirement of say 25 logged actions per year (edits; blocks; user right changes; whatever). -- Dolotta (talk) 16:47, 26 November 2018 (UTC)[reply]
• (edit conflict) Support the bit can be returned on request. There shouldn't be mandatory 2FA for all admins, as it might be too difficult for some. Besides, how would one get 2FA before, since if I recall users without advanced rights (admin, CheckUser, oversight, etc.) can't use 2FA. ^Semi_Hypercube ✎ 16:51, 26 November 2018 (UTC)[reply]
• Support -- as long as it is easy enough to reinstate in extenuating cases (which seems to be the case here) no harm no foul.--Esprit15d • talk • contribs 00:02, 27 November 2018 (UTC)[reply]
• Strong Oppose, ah, here we go yet again down the slippery slope. I've always seen admin activity requirements as unhelpful for a number of reasons, including but not limited to the effect that this would have to de-diversify the admin population, effectively shutting down the possibility of adminship to those who may not have reliable secure internet for long periods--military deployment, missionary work, humanitarian aid, and the like. Not even requiring notification adds an addition slap in the face for those who frankly have donated a lot of their free time to the project already. Andrew Lenahan - Starblind 18:54, 27 November 2018 (UTC)[reply]
• Oppose – Right spirit; wrong proposal. Normal edits should count toward admin activity, since by editing actively, admins, who are of course all virtuous and knowledgeable, can show by example so admin actions don't have to be performed. Inform people that the bit is about to be taken away, especially because real admin activity, such as DYK actions, aren't even being counted. However, I'd make the activity requirement higher, like average one action a day, not a year. How does someone who does less vandal fighting in a year than I'm apt to do in a day get to keep their key to the executive broom closet? Dhtwiki (talk) 07:47, 28 November 2018 (UTC)[reply]
• Support but I agree with Dhtwiki that this should just be about keeping your account active in general, not about making demonstrably 'admin' actions. To me, the point of de-sysopping inactive admin accounts is to maintain security of an account that has no one on the other end of it. If an administrator is active in any way, that means he or she is logging in regularly, (hopefully) changing the password and keeping it secure, etc. If we want to de-sysop an otherwise active sysop for lack of admin-specific activity, that's fine, but we should be doing so for all advanced permissions and separately from this proposal. CThomas³ (talk) 19:53, 28 November 2018 (UTC)[reply]
• Oppose both requiring logged admin actions and the removal of the notice requirement. While I understand the concerns, I don't think that they outweigh the problems of tracking unlogged admin actions (I think of closing AfD's as "No Consensus" as a good example) and the discourtesy of finding your account deadminned unexpectedly even when you have been making regular if infrequent contributions to the encyclopedia. I probably came close to a year without logged actions when I was an admin, and I would have hated to have lost the bit without even a warning. Eluchil404 (talk) 23:08, 28 November 2018 (UTC)[reply]
• Support the first part. I don't, however, see a defensible rationale to deleting the notice/contact provisions.  — SMcCandlish ☏ ¢ 😼  12:44, 1 December 2018 (UTC)[reply]
• Oppose. I see the problem, but this is too extreme. I might support some more complex formula such as (<n admin actions in last 12 months, and <n admin actions in last 2 years), but I'd prefer to see some human discretion applied, partly to avoid setting a target for the hat collectors. Any numerical threshold risks encouraging hat-collecting admins to make un-needed admin actions simply to game a threshold.

Most of my admin actions involve editing protected pages, and AIUI those are not logged as admin actions. Unless they are included in the total counted, the numbers will be misleading.

And I strongly oppose mandatory 2FA. I am sure that I am not the only admin who is a smartphone refusenik (a phone which needs to have a "phone" button pressed before it can be used as a phone is a portable identity crisis which I don't need in my pocket; plus my fossil-phone is way cheaper, more robust and has a 1-month-on-standby battery life) .. and 2FA basically relies on having a smartphone. Instead, I change my password frequently using my own obscure formula, and I would support an enforced requirement for non-2FA admins to change password every 3 or 6 months or so. --BrownHairedGirl (talk) • (contribs) 04:01, 3 December 2018 (UTC)[reply]

• Support. All users are responsible for securing their accounts. Accounts with sensitive privileges should be subject to additional security measures to reduce disruption to Wikipedia. Disabling inactive privileges and requiring two-factor authentication are measures that are widely implemented in companies with strong computer security policies. As the fifth-most-popular website in the world, Wikipedia is more important than many of these companies, and should tighten its security to prevent embarrassing breaches like the ones from last month. — Newslinger talk 04:57, 3 December 2018 (UTC)[reply]

• @Newslinger: Wikipedia is not a company, and cannot be run like one. Its editors and admins are a much more diverse set, and your comparison seems to assume that en.wp editors have the same sort of access to resources as an employee of a major tech company.

Its editors are unpaid and receive no equipment from Wikipedia. They may not own a computer, and do their editing on someone else's machine or on some sort of public computer (e.g. library, school, university, work, housemate, family).

So any requirement which presumes ownership of particular equipment merely reinforces the already-massive systemic bias in en.wp's admin base, and erects a further barrier to editors on lower incomes, editors from remote areas or developing nations, editors with disabilities etc. --BrownHairedGirl (talk) • (contribs) 07:40, 3 December 2018 (UTC)[reply]

​Two-factor authentication doesn't require any additional equipment beyond what is needed to edit articles on Wikipedia. If an editor can run a web browser or a Wikipedia app on their own device, then the editor can also run a free authenticator app (list) or password manager (list) on their device (regardless of whether it's a desktop, laptop, or smartphone). For editors without their own devices, there are web-based password managers (such as KeeWeb) that also provide two-factor authentication at no charge. — Newslinger talk 08:54, 3 December 2018 (UTC)[reply]

• @Newslinger: there may indeed be workarounds for the tech-savvy. But those workarounds increase the technical burdens on admins who are mostly chosen for their editorial judgement and understanding of policy, rather than for technical skills.

You really don't seem to get my point that Wikipedia is not a company and its editors and admins are not employees. This is a wholly different sort of organization, and these attempts to import corporate processes don't recognize that crucial distinction. I know some truly wonderful editors who would make brilliant admins, but who are so non-techie that they only ever use the visual editor. They would run a million miles from the complexity of 2FA, but they precisely the sort of people whose social and editorial skills are much needed in the admin corps. I would love to see more of them becoming admins; the role should not be the sole preserve of tech-heads. --BrownHairedGirl (talk) • (contribs) 09:07, 3 December 2018 (UTC)[reply]

​I made the "company" comparison to show that Wikipedia's security practices are weaker than those of less important organizations. This was not an assertion that Wikipedia is like a company, or that its editors and admins are like employees. In my opinion, two-factor authentication is much easier to learn than wikitext, and is a reasonable requirement for sensitive privileges on a very important website. — Newslinger talk 09:34, 3 December 2018 (UTC)[reply]

Newslinger, comparisons with a company have led you down a path where you are applying inappropriate measures of reasonableness, and looking at the perceived importance of the organisation rather than the extent of potential harm and the impact on users. Please do not underestimate the extent of the barrier which is placed in the way of many very productive editors and admins by technical measures which a tech-savvy person like yourself would find trivial.

As a voluntary group, en.wp editors include very many people who would never be remotely acceptable to the personnel depts of any corporate. Their contributions are valuable, and their needs are very different to those of a corporate employee.

Most of the potential for damage has been removed by https://phabricator.wikimedia.org/T150826, which prevents a blocked admin unblocking themself. A hijacked admin account can now be securely blocked until the issue is resolved.

And do remember that this is "the encyclopedia which anyone can edit". Our security is social rather than technical. --BrownHairedGirl (talk) • (contribs) 11:29, 3 December 2018 (UTC)[reply]

• Oppose. Tweaking the activity requirements every time someones account with bad password gets compromised is just security theater. Also strong oppose requiring the immature WMF 2FA per diversity and editor retention issues raised by Risker, Andrew Lenahan and others, and the technical issues raised on phab:T172079. jni ^(delete)_{...just not interested} 06:27, 3 December 2018 (UTC)[reply]
• Oppose, forcing admins to have logged actions and not telling them they have forgotten to do so doesn't strike me as helpful. It is trivial to fulfil the logging requirement (delete and undelete your sandbox) so this is useless as a measure of activity. And anyway, what jni says. —Kusma (t·c) 11:18, 3 December 2018 (UTC)[reply]
• Oppose, hard cases make bad law. Stifle (talk) 15:20, 3 December 2018 (UTC)[reply]
• Oppose - per Risker, pretty much. Also, I'll join the list of people opposed to compulsory 2FA, at least while using it requires people to retain one-time keys indefinitely. The Land (talk) 15:40, 3 December 2018 (UTC)[reply]

• Strong support. Best proposed modification to this policy in quite some time. As usual the opposition is a storm in a teacup around something that will pose no threat to the project's operations. It will on the other hand shut down the yearly charade performed by people who have no good reason to continue calling themselves administrators.  — Scott • talk 15:48, 3 December 2018 (UTC)[reply]

Questions about admin actions that are not logged as such

• Comment - In theory, I support tighter guidelines on whether or not an admin is really making use of their tools. However, as pointed out above by Jo-Jo Eumerus and others, there are certain actions that require admin access, but are not logged as admin actions. DYK is a prime example, as some editors have become admins specifically for helping out on that project. There are some admins I see using their tools at DYK, and don't run across them elsewhere, but are vital to assisting that project. Devise a tool that logs ALL admin usage of tools, and I might be more willing to support this. — Maile (talk) 19:50, 22 November 2018 (UTC)[reply]

  DYK has come up a couple times. I'm not so familiar, but what do admins do at DYK that requires admin access but isn't logged? IMO it should be logged, or it should not require admin rights. Ivanvector (^Talk/_Edits) 19:58, 22 November 2018 (UTC)[reply]

  They use editprotected. --Izno (talk) 20:01, 22 November 2018 (UTC)[reply]

  Ah I see. Surely we could (should?) log edits to protected pages? Maybe that's a separate discussion too. Ivanvector (^Talk/_Edits) 20:10, 22 November 2018 (UTC)[reply]

  @Ivanvector: technically they are already logged, just not in any manner that is easy to find. Obviously "group" edits (like MediaWiki:, .json files, etc) are easy to filter, but the other ones are not. I wonder if this is a red herring though (i.e. how many admins are completely inactive in all logged actions but still routinely use editprotected?) — xaosflux ^Talk 20:43, 22 November 2018 (UTC)[reply]

  Does it require admin tools to create and maintain bots and scripts? That's also a key part of DYK. — Maile (talk) 20:37, 22 November 2018 (UTC)[reply]

  I don't believe so, I think anyone can operate a bot if it's approved, unless it's a bot with admin rights. Scripts might require interface admin now, I'm not sure. Ivanvector (^Talk/_Edits) 21:08, 22 November 2018 (UTC)[reply]

The last 10 humans, and the operator of the last bot, to edit Template:Did you know, made their most recent logged admin action this long ago:

As you can see, Gatoclass is the only one who would lose their adminship with this proposal. Thryduulf (talk) 22:51, 22 November 2018 (UTC)[reply]

Thryduulf of the ones you list above, Shubinator is unique in that his bots keep the process running. He's the only one who would know what admin actions he's taken that don't show on his normal logs - but I think DYK would be up a creek without him behind the scenes. You don't list Wugapodes, and his logs look pretty active, but he operates WugBot that is also essential to the DYK processes. The others are directly involved in the edit protected areas of DYK that directly affect what appears on the Main Page. — Maile (talk) 01:34, 23 November 2018 (UTC)[reply]

I believe I wasn't listed because I'm not an admin, only pending changes and (recently) new page reviewer. WugBot doesn't have editprotected rights and doesn't need them as the approved page isn't under full protection, just the Queue for the mainpage. Wugapodes [t^hɑk] [ˈkan.ˌʧɹɪbz] 02:47, 23 November 2018 (UTC)[reply]

• Regarding the questions about logging, while it's not as easy of a log, we could make an edit filter such as ((action = edit) & (page_restrictions_edit = sysop)) to "log" protected edits such that they could be "counted" by any inactivity bots (which really is how we would look for inactives in practice). — xaosflux ^Talk 05:28, 23 November 2018 (UTC)[reply]
• Example of logging the use of protected edits. — xaosflux ^Talk 12:55, 23 November 2018 (UTC)[reply]

Although my understanding of logging administrator actions is dim, I believe I could have been desysopped for one year of miscalculated inactivity from Sept. 15, 2014 to Sept. 25, 2015, and also Sept. 26, 2012 to Apr. 22, 2014. That's logged actions only. Realistically, I'm far from inactive; I proofread everything on the Main Page, not just Did You Know. So it isn't just Gatoclass. But if you'd rather fix typos without me, my business could use more attention. Art LaPella (talk) 06:03, 23 November 2018 (UTC)[reply]

• This is another example of a fully protected page which requires editing by administrators on a regular basis.--Ymblanter (talk) 07:55, 23 November 2018 (UTC)[reply]

• The fact that just in the last 10 admins to have processed a DYK already 1 of them would be removed means that clearly DYK is a necessary tagging. In preference, any edit of a protected page should also count. Nosebagbear (talk) 13:46, 23 November 2018 (UTC)[reply]
• So, if I'm understanding correctly, the only admin action we've identified so far as definitely an admin action and definitely not logged is edits to protected pages, yes? Let's set up a log for that. I don't think anyone here yet has said we shouldn't, and lots of us have said we should. Ivanvector (^Talk/_Edits) 14:50, 23 November 2018 (UTC)[reply]

  @Ivanvector: I'm working on one (Special:AbuseFilter/942) - there is another admin action that isn't logged at all: viewing deleted versions. Note, those 'actions' are not currently counted toward activity. — xaosflux ^Talk 14:54, 23 November 2018 (UTC)[reply]

I saw that filter you're working on, it looks good so far. As for viewdelete, are there really that many admins that only look at deleted pages and do nothing else? Ivanvector (^Talk/_Edits) 15:02, 23 November 2018 (UTC)[reply]

Indeed, while you can have admins look just to answer individual's questions (why was it deleted etc), usually I'd expect it to be associated with one of:DELREV, CSD, Salting/Unsalting, copyvio, block discussions. Nosebagbear (talk) 15:21, 23 November 2018 (UTC)[reply]

I mean I'm sure there are cases where you just look at a deleted page and then do nothing else. But does anyone only look at deleted pages, but never do anything with them, or any other logged actions? That seems unlikely to me, but then again I was wrong about DYK and editprotected, so as it turns out I don't have all the answers. Ivanvector (^Talk/_Edits) 18:25, 23 November 2018 (UTC)[reply]

Personally, I feel viewing a deleted page to be something that an administrator is authorized to do, but not an administrative action in itself. Using the knowledge gleaned from this to weigh in on a discussion would be an administrative action. However I don't see any way to log this automatically. isaacl (talk) 23:17, 23 November 2018 (UTC)[reply]

• Also noting that I oppose counting non-logged admin actions that is next to impossible to track after the fact. Seriously, it really isn’t that difficult to do one completely non-controversial logged action a year, and handwringing over something that is easily reversed and can be easily fixed for a year isn’t justified, especially given the extra work that would be required. I would support keeping the one year notice, though. TonyBallioni (talk) 22:35, 23 November 2018 (UTC)[reply]
• It does appea that DYK is the single exception where an admin is actually doing useful admin work without logging any actions. As demonstrated above thsi would impact only one single admin's rights. That doesn't seem sufficient cause for not doing this, we can just IAR for that one admin. Beeblebrox (talk) 02:09, 24 November 2018 (UTC)[reply]

  At least two admins. And probably Shubinator. And it's the complete Main Page, not just DYK. Art LaPella (talk) 03:49, 24 November 2018 (UTC)[reply]

  I actually provided another example in this very thread.--Ymblanter (talk) 08:24, 24 November 2018 (UTC)[reply]

• I think that one of the most valuable things that administrators do is say no....say no to blocking someone, say no to protecting a page, say no to deleting... And yes, there's lots of work happening in places like Arbcom enforcement and even admin noticeboards by admins who don't need to take logged admin actions in order for them to be effective as administrators. If someone is actually around and doing things, it really doesn't matter whether or not they're doing logged admin actions. I will make a proposal above. Risker (talk) 02:17, 24 November 2018 (UTC)[reply]
  • But do you think it is reasonable for an administrator to say no to literally everything? All they have to do is say yes one time (or however many actions the limit is determined to be). If we have a sysop that is saying no to every request, I would find it very hard to believe it is not a WP:POINT situation, and they should not be an admin anyway. Natureium (talk) 13:46, 24 November 2018 (UTC)[reply]
• As I understand it, there is currently no logging of the use of admin accounts to view deleted edits. This is one of my most common uses of the tools, for example in checking out a candidate or potential candidate at RFA. I'm actually a little uncomfortable about the idea of an admin account quietly lurking and occasionally being used to view deleted edits, but we have in the past had a very active nominator who made little or no use of the tools apart from viewing deleted edits. So I would welcome some sort of log that at least recorded when an admin had last looked at deleted edits, provided it didn't log what specifically they viewed. ϢereSpielChequers 13:32, 24 November 2018 (UTC)[reply]

  I've created a AF log for "protected edits" that can be seen here: Special:AbuseFilter/942 - a 'viewdelete' log would require software changes so its a bit hard. For example @WereSpielChequers: can you point out any specific admins who have gone a year with no protected edits, no logged actions - that you think are still using viewdelete usefully? — xaosflux ^Talk 15:52, 24 November 2018 (UTC)[reply]

  Great, thanks.--Ymblanter (talk) 16:09, 24 November 2018 (UTC)[reply]

  @Xaosflux Thanks. As I said we had an active nominator in the past who as I remember it had not otherwise used the tools for some time. I don't know if there is such an admin at present. But there are plenty of occasions where view deleted is useful, if you are about to recreate a previously deleted page sometimes the only way to know that the previous A7 deletion was of a "14 year old professional skateboarder" and unlikely to be the same person as the diplomat or academic of the same name who you are writing about. ϢereSpielChequers 16:42, 24 November 2018 (UTC)[reply]

  Will this filter be automatically disabled if it matches more than 5% of edits, or does this wiki have a different setting for $wgAbuseFilterEmergencyDisableThreshold? I don't see anything about this on Wikipedia:Edit filter. I've run into that problem a lot on other wikis where I've worked with abuse filters, and I'm guessing the restriction was put in place to prevent situations like this incident that occurred here. Or is this not a concern because there are so many edits to English Wikipedia that it would never reach 5%? ♫ekips39 (talk)❀ 22:23, 24 November 2018 (UTC)[reply]

  @Ekips39: the sheer amount of other edits should keep this down, it is currently running at about a 0.02% hit rate against edits. — xaosflux ^Talk 04:20, 25 November 2018 (UTC)[reply]

• Creatimg new logs is overkill - all Admins can just accept the occasional CSD which IS logged. Legacypac (talk) 22:41, 24 November 2018 (UTC)[reply]

Alternative ideas

This has been a very good discussion and I'm very impressed with the diversity of comments, thanks everyone. I've definitely learned some things and had my assumptions challenged. Based on the key points raised up to this point I have an alternative suggestion:

• An account is considered inactive when it has no presence on the website at all (no edits, no logged actions) for 91 days.
• When an account is flagged inactive, we force a password reset and send the accountholder instructions to change their password, by email (if the account has email enabled) and with a notice on their user talk page. (The current password reset instructions are here)
• If/when the user wants to resume using their account, with all its previous permissions, all they have to do is reset their password.
• Since the password must be reset before the account can be used again, no permissions are changed (unless the account becomes subject to the lengthy inactivity policy)
• I believe requesting a password reset counts as a logged action; it's present in the Checkuser log at least but of course that's not public, and it rotates after 90 days anyway. At any rate, the accountholder resetting their password should reset the 91 day clock, and if someone wants to string along keeping their admin access by resetting their password every three months, that's not really a security issue.
• 91 days is just an illustrative number I pulled out of my ass, it could be any reasonable number.
• Two admin accounts (at least) and several others with other advanced permissions have been compromised while we've been talking about this.

I think that this catches all of the concerns raised about admins who are active but don't log actions, about automatic removal of permissions, and about accounts being hacked due to old reused password hacks on other websites. Some issues are:

• Accounts that don't have email enabled or accountholders who lose access to the email they provided on sign-up could be locked out. I think these situations can be handled by contacting Arbcom but I've never had to so I don't really know.
• Accounts that are active will never be required to change their password, but that's already the case.
• There is nothing in this alternative (nor in the original) that requires strong passwords or extra authentication factors, other than having an email address.

Any thoughts on something like this? Ivanvector (^Talk/_Edits) 15:52, 24 November 2018 (UTC)[reply]

The WMF security team is actively working to introduce technical measures that will prevent future attacks along the same vector that compromised the most recent two admin accounts. I'd argue that they are the experts and should be the ones making the call in this area. Us debating the pros and cons of each potential security measure not only exposes all of their cons in public, making it easier for an attacker to work around, but also is far less effective because most of us aren't experts in the area.

My suggestions is to limit discussion on this topic to what would generally promote account security, without getting into detailed technical solutions. De-flagging inactive accounts is good because it reduces the attack surface. I feel like any of these discussions are more about punishing the barely-active admins who dare to have other things going on in their lives than editing Wikipedia rather than actually being about security best practices, but I guess it's at least being considered. -- Ajraddatz (talk) 16:59, 24 November 2018 (UTC)[reply]

I disagree pretty much with everything you've said. "The office is working on it" is no substitute for community discussion on local policies, especially since the security team does things in a silo, slowly, with no accountability to the actual users of this project. There is no sinister ulterior motive here to punish anybody, or drive anyone away, or ... anything, I apparently can't anticipate the bullshit schemes people are going to insist on reading into this. It's about security best practices, and responding to an actual and ongoing security threat in any way that the local community is capable, because the security team has not. You seem to think that this hacker is an idiot and isn't already aware of all the things being discussed here, like these are brand new ideas that haven't already been implemented by security-conscious websites pretty much everywhere in the world for years now. The website haveibeenpwned.com has been tracking security breaches for five years of exactly the sort of info that's very likely being used to hack idle accounts here, and the best innovation we've had from the WMF in that time is a beta 2FA implementation that's problematic for many users, if the WMF allows them to use it at all. We don't need more vague promises that the under-resourced WMF has "top men working on it", we need a response now. Anything less is grossly irresponsible. Ivanvector (^Talk/_Edits) 18:47, 24 November 2018 (UTC)[reply]

I think the hacker is aware of discussions like this, or at least able to find them. I'll email you about some of the other points. -- Ajraddatz (talk) 18:55, 24 November 2018 (UTC)[reply]

Just to note that how we are having admin-account vandalism has been publicized (even though it would take just a bit of reading on en.wiki to figure out what's been happening). This basically means that the security hole due to the ability hack into admin accounts could get worse. --Masem (t) 01:48, 25 November 2018 (UTC)[reply]

Would it help to send an e-mail to all administrators alerting them on the incident and asking to evaluate the strength of their password and to change it if necessary? Those who do not have e-mail enabled can get a talk page message.--Ymblanter (talk) 10:41, 25 November 2018 (UTC)[reply]

• A simple alternative While not having much of the finesse of Ivanvector's latest proposal in this section, using recent-ish changes it would (I believe) be trivially simple to assign the bit as a temporary (365 day) permission, with an expiry on the anniversary of the admin's initial grant of the bit. Perhaps a 24hr pause before re-granting to anybody who had absent for a significant period. Simple to do, no new infrastructure needed, no advertising of inactive accounts - I think this meets the requirements. Cabayi (talk) 14:28, 27 November 2018 (UTC)[reply]

Separate section for comments that are only about 2FA

• Regarding 2FA, I don't remember (or just don't now, really) if anyone has access to stats on which accounts have it turned on or not. If we do, and we're not yet comfortable requiring it to be turned on for admins, maybe we can do something like enforce periodic password resets for admins that don't opt in. That's not part of this proposal, I'm just throwing out ideas. (I have 2FA turned on, ftr) Ivanvector (^Talk/_Edits) 19:27, 22 November 2018 (UTC)[reply]

  Well, I have a password which can not be broken. I do not want to turn on TFA because I (almost) do not use a cell phone. I am not sure why WMF thinks they are more clever than I, and I am already unhappy with 2FA requirement for interface admins - I will possibly have to resign my interface admin rights, but if RFA is required for all admins, I am not sure what I am going to decide. If you want to lose admins with zero benefit, this is probably the way to go.--Ymblanter (talk) 19:33, 22 November 2018 (UTC)[reply]

• @Ivanvector: Way back in Feb '17, "203 out of the 1274 admins on English Wikipedia [had] enabled two-factor auth". Other tasks exist asking for a similar thing - TNT ^💖 19:37, 22 November 2018 (UTC)[reply]

Neither a data plan nor a smart phone is required. All 2FA processing is done off-line, using a seed number and the current time to generate a key. Apps such as Google Authenticator and FreeOTP can run on any Android or iOS device without a data connection (and FreeOTP can be downloaded on your PC from here and sideloaded onto an Android device if WiFi isn't available for installation). If you do not have a smartphone/pda/media player that runs Android or iOS, you can get PC-based programs to generate the codes (WinAuth and Authy seem to be the most popular, and there are more options available for Linux-based computers such as gauth and oathtool). --Ahecht (TALK
PAGE) 19:46, 26 November 2018 (UTC)[reply]

This is a good discussion, but I've broken it out from the main proposal so as not to distract too much. I like our 2FA implementation because I always have my phone with me, and because my phone is also my authentication device for my office email, but of course it's not perfect for everyone. We could fall back on the "email you a code" type 2FA that some other sites use (Steam is one, and I hate it, my email server is slow) if it were possible to choose different authentication methods. Again, just a thought. Ivanvector (^Talk/_Edits) 19:55, 22 November 2018 (UTC)[reply]

In light of the number of reset requests I am wondering if the current 2FA methods run too high a risk of getting locked out of one's account. Besides, not all people are tech savvy enough to work with one device 2FA or have more than one device available at any time. Jo-Jo Eumerus (talk, contributions) 20:36, 22 November 2018 (UTC)[reply]

• You would have lost me as an admin if you'd required TFA. Not only is it far beyond my level of technical comfort, and makes it all too easy to get locked out, I'm not going to spend $400 plus data plan for a smartphone for Wikipedia or anybody else. Massive imposition for little gain to the project in terms of security. Yngvadottir (talk) 22:55, 22 November 2018 (UTC)[reply]
• Ditto. I act as an admin as a favour to Wikipedia, sysop status isn't a favour Wikipedia does to me. I have no intention of committing to permanently owning—and having permanent access to—an expensive piece of technology which requires a permanent and expensive subscription. purely because Wikipedia is having one of its periodic bouts of security paranoia, and if that means someone else has to clean out CAT:EX instead of me I believe I can live with the loss. ‑ Iridescent 23:01, 22 November 2018 (UTC)[reply]

@Iridescent: I can understand where you, Ymblanter, and Yngvadottir are coming from in relation to having 2FA be a requirement, but it's not as much of a commitment as the ghastly WP:2FA leads on. The most popular applications for this process are for mobile (namely Google Authenticator and Authy), but PC-based applications exist too. There are a few listed here, and there are others, like WinAuth for Windows. If you use Google Chrome, Authy has an available plugin. Unfortunately, I was unable to find any for Mac (that were not already listed) or Firefox. I didn't bother looking for Safari ones, and Brave, along with Opera I believe, primarily use Chrome extensions. Internet Explorer/EDGE are both a mess, so I'd recommend to anyone using those to swap browsers anyway. If losing the codes is what your worry about, scratch codes are generated when you enable 2FA. Email these to yourself and you'll never lose access to your account, even if you lose or change device. Anarchyte (talk | work) 23:33, 22 November 2018 (UTC)[reply]

gauth is available for Firefox. I should also note that Google Authenticator does not require a "perminant and expensive subscription", and it doesn't even require any internet acess beyond the initial installation (which can be done via WiFi). Used android devices are readily available cheaply ($10-$20) without a data plan if you don't need the latest and greatest flagship model. --Ahecht (TALK
PAGE) 19:53, 26 November 2018 (UTC)[reply]

• Just noting as I did above that there are multiple functionaries that do not have 2FA, and for a variety of reasons, I would not even want to force this on CheckUsers or Oversighters, including but not limited to the fact that the security paranoia that Iridescent describes is very real and there are some plain insane ideas on functionary account security out there and there is a part of me that fears making this a requirement would be a slippery slope to some really dumb measures that would make a lot of people quit (yes, slippery slope is a bad argument, but WMF projects tend to make technical changes all at once if they ever happen.)
  That was all about functionaries, who I think should have a higher level of account security than admins because of the ability to access personal data. If we currently don't require CU/OS to do it, and I don't think we should, we certainly shouldn't extend the requirement to admins without those tools. TonyBallioni (talk) 01:36, 23 November 2018 (UTC)[reply]

  @TonyBallioni: it is being discussed see phab:T197160. — xaosflux ^Talk 05:55, 23 November 2018 (UTC)[reply]

  Xaosflux, thanks. -revi pointed me to the CU one and one for changing user rights. My general view on this is what I said in the CU one: there is no world where it should be more difficult to run a CU than it was for me to wire money to buy a house, which is an accurate description of some of the suggestions that have been made re: 2FA and the CU tool. TonyBallioni (talk) 06:17, 23 November 2018 (UTC)[reply]

• Wikipedia, and the entire Wikimedia movement, is committed to creating and maintaining a diverse community. That means including people who have limited access to technology (in some cases, even limited access to software), people who do not have a lot of money, people who live in countries where it is not legal to own certain types of technology (or could result in significant state surveillance if owned). This is not an abstract concept - I personally know administrators who live well below the poverty line, some of whom don't even own their own computers; others who can't afford to maintain a second piece of technology like a mobile phone; and still others who live in countries where using 2FA would probably result in their being incarcerated. Frankly, there's almost nothing that an admin account can do that will result in any real level of off-wiki scrutiny. Admin accounts that go rogue are pretty easily globally locked. I also completely and fully endorse everything that Iridescent said. This is security theatre and is completely out of proportion to the problem it's trying to solve. Risker (talk) 04:51, 23 November 2018 (UTC)[reply]
  • Risker, not to mention that the most recent confirmed account compromises involving stewards (which *actually* could have had real life implications given the potential access to CU data on multiple projects) could not have been stopped by 2FA. TonyBallioni (talk) 04:59, 23 November 2018 (UTC)[reply]
    • @TonyBallioni: Would you be able to link me to these compromises involving stewards? I haven't been keeping up, but I don't entirely understand how 2FA couldn't have stopped it (unless their computers were infected, in which case nothing would have prevented it as they were already logged in). Anarchyte (talk | work) 05:05, 23 November 2018 (UTC)[reply]

I can confirm it has happened, but currently there is no on-wiki postmortem. — regards, Revi 05:10, 23 November 2018 (UTC)[reply]

And I can confirm that even those stew with 2FA were compromised. I can't talk about the details per BEANS (and other security constraints). — regards, Revi 05:12, 23 November 2018 (UTC) [ Clarification: The stew with 2FA compromised is NOT related to this incident. I'm talking about the past incident. — regards, Revi 03:42, 25 November 2018 (UTC) ][reply]

Thank you for the (albeit restricted) clarification, -revi, though I can't help but think that something else must have also played a role in the compromising of the accounts. Having two separate devices prevents malware from getting to both the username and password, and the ever-generating 2FA code (I could give you my current 2FA code and it would be useless by the time you read this message). This is especially true given the major authenticators do not use accounts and are wiped if they're reinstalled (and, in the case of iPhones at least, are not saved to iCloud or iTunes when backed up to a computer). If someone's LastPass or 1Password are hacked and their 2FA system is compromised, then its not the fault of the system but rather the poor security employed by the account holder. This is all under the assumption that all the issues were at the user's end and that someone didn't just walk up to a computer with a logged in account (in which case ∞FA wouldn't have prevented it). Anarchyte (talk | work) 05:30, 23 November 2018 (UTC)[reply]

Requiring someone to own two separate pieces of expensive technology in order to be an administrator on a Wikipedia project is completely inappropriate and extremely exclusionary to anyone who doesn't have the ability to pay out thousands of dollars a year. We choose administrators because they are sensible, not because of their bank accounts or geographic location. Americans in particular seem to find it shocking that in a lot of countries, the phone that costs $200 in the US costs six months' wages, and that in other countries the typical internet connection costs 10-15 times as much as the average American family will pay. I pay about 3 times as much as the average American for considerably less access. Risker (talk) 05:55, 23 November 2018 (UTC)[reply]

@Risker: I noted this in a response above, but you do not need to devices to enable 2FA. Sure, it's more "secure" to use more than one, but downloading WinAuth for Windows (which has an extra layer of protection through a password and locking the data to your Windows user account) or Authy for Chrome accomplishes the exact same task. The only thing preventing someone from installing those pieces of software (or a Mac equivalent on this list) would be if the device has restrictions preventing non-vetted exes from running or if they are locked to a clean web browser.

I tested WinAuth while writing this response and it was very intuitive. See here for an image gallery explaining the process. Anarchyte (talk | work) 06:45, 23 November 2018 (UTC)[reply]

Good on you for trying to find a solution, Anarchyte; I do appreciate the effort. But again, it is entirely dependent on the user owning certain technology. It does not address the person who edits from school or public libraries, for example; as I've worked my way through the Wikimedia world, I've learned that what we take for granted here in the "Western" world is not the norm in the rest of the world. The WMF has already identified increased diversity as a critical goal in the coming decade, and so solutions need to be developed that not only accommodate but are actually focused on ensuring that people who don't own computers/smartphones can actively participate in our projects, and there are quite a few projects of languages from the poorest countries in the world. I'd like to encourage you to think more about how we can ensure that those projects can have their own admins - because we all have seen that once rules like this get applied to enwiki, they go through all of the Wikimedia projects unless there's an extremely concerted effort by a very big player (like German Wikipedia, for example). Risker (talk) 09:13, 23 November 2018 (UTC)[reply]

@Risker: Hmm, yeah. I didn't consider the precedent this would set. 2FA is a very loose term and doesn't have to be auto-generating 30-second-life-span codes accessed through secondary devices. An idea Ivanvector mentioned above, that I've also had experience with, is having codes emailed to a user. These will last longer (a few hours), have basically the same effect (prevent people from entering an account through a username/password breach), but will be slightly less secure due to the account's standing being entirely dependent on one outlet (the email address). Another idea that Steam and a few other applications use, like Facebook and Google, is remembering devices rather than browsers. I have literally no idea how this could be implemented (especially as it's a website rather than an app), but the gist is to have it so the user sets a device as being "okay" and then when the user logs in from these devices, it won't ask for verification. This prevents easy log-ins from hackers with one's username and password but doesn't hinder the account holder (usually). Anarchyte (talk | work) 10:03, 23 November 2018 (UTC)[reply]

"Remembering devices rather than browsers" is a total non-starter. As Risker says, it's easy for the core "relatively wealthy middle-aged people in Five Eyes countries" editor base to lose sight of the fact that sizeable chunks of the editor base don't operate on the same "home computer and a cellphone" basis. We have people who edit from work where they might be using a different terminal each day; people who edit from public libraries where it will obviously be inappropriate to install software; people who live in places China and Belarus where using any kind of secure system will make the authorities assume you're up to something and start prying into your private life; a fairly large contingent of serving military who edit Wikipedia as a hobby in their downtime on base and for whom installing unauthorized software on the computers or suspicious activity on their personal devices would likely get them locked up… If there were a genuine, serious issue to address then it would conceivably be justifiable to de facto ban particular chunks of the editor base from becoming admins, but since nobody's demonstrated any problem more significant than "a handful of admins used the same password for Wikipedia and Twitter and failed to change it when Twitter's password database leaked", that would seem to be a sledgehammer/nut situation. ‑ Iridescent 10:31, 23 November 2018 (UTC)[reply]

You're right, Iridescent. The email idea was the one I was going with to resolve the issue of not having a designated device and the "remembering devices rather than browsers" was to try to alleviate the concerns of those who think 2FA is too much of a hassle. Apologies if this wasn't clear. Anarchyte (talk | work) 10:48, 23 November 2018 (UTC)[reply]

(edit conflict) Without saying too much, this really wasn't a 2FA problem. I'm not anti-2FA (I use it myself and recommend anyone with advanced permissions where it is practical do so), but I also recognize there are valid reasons not to have it. Some financial. Some personal. Some just ease of using the technology, which can be an issue. It isn't a silver bullet and while it does provide an added layer of security, the fervor with which it is promoted when a high-profile compromise happens can miss the point that it is simply one tool for protecting your account, and that people should take reasonable steps to have a secure account as fits their particular situation. Mine allows for 2FA. I know of several functionaries where their situation doesn't allow for it. They all take reasonable precautions with their accounts, which is really all we can ask of them. What I would really like to see is a WMF password audit, as that would likely be a much more high yield activity, but I suspect that isn't happening anytime soon. TonyBallioni (talk) 06:53, 23 November 2018 (UTC)[reply]

Mandating 2FA would impose additional hassle on hundreds of administrators. And what problem would it solve? We had a compromised admin account. It made 8 or 10 admin actions, it was globally locked, the actions they had made were reverted, done. Pragmatically in terms of "person hours" it is much quicker to resolve such issues in the way we currently resolve them then it would be to make every administrator jump through 2FA hoops, all the additional hassle for stewards resetting passwords when people bodge up their login or lose their phone, and so on. Mandating 2FA would be an overreaction to a very infrequent problem. Fish+Karate 09:21, 23 November 2018 (UTC)[reply]

• For what it's worth, I'm also opposed to mandatory 2FA for any level of account. I use it myself because it works for me, but I absolutely understand that there are technological and financial challenges with WMF's implementation (and/or in general) for many users. Strong passwords and good password hygiene are also important, but we can't really mandate those things, we can only advise and recommend. Just to add info to the pile, I use a password manager along with 2FA wherever it's available, I use passwords generated by the manager or xkpasswd for things I really need to remember, and I've moved money out of accounts with banks that still use a six digit number as an internet password. Ivanvector (^Talk/_Edits) 14:59, 23 November 2018 (UTC)[reply]
• Given the problems that come with it (both inherent and any via a flawed system) then I wouldn't say anyone short of a steward or IntAdmin should need it. In its ideal form I am neutral to obligating it for admins - but certainly not at this time. Nosebagbear (talk) 15:23, 23 November 2018 (UTC)[reply]
• With the second administrator being compromised today (3rd one this year) it is time to make having 2FA be a mandatory component for all new Admins (passing a RFA), all Admins requesting simple Resysoping, and all advanced privilege (Requiring identification to Foundation) holders. We've seen what a compromised admin and oversighter can do. Fundamentally the 2FA is one of the least intrusive ways to make the attack surface more difficult to succeed at. Hasteur (talk) 22:39, 23 November 2018 (UTC)[reply]
  • Hi, Hasteur. The WMF does not require identification of advanced permission holders, and has not required this for several years. There are many reasons for this; amongst the more important is that they do not have a method of securely storing the identification information, and the simple fact that they will not be able to verify that the identification documents sent to them truly belong the the person behind the account. Instead we are all required to read and sign a confidentiality agreement with our logged-in user accounts. Risker (talk) 04:28, 25 November 2018 (UTC)[reply]
• I oppose mandatory 2FA: a proper password is plenty secure, while with 2FA it's too easy to lock yourself out of your account. Imposing 2FA would also effectively mean requiring admins to maintain committed identities and so on to convince sysadmins to unlock their accounts. BethNaught (talk) 10:14, 24 November 2018 (UTC)[reply]
• As others have pointed out 2FA is fine for a real world organisation where employees work several hours at a time and are identified to HR and company IT/Security. It isn't such a good fit for a volunteer organisation like this, and can actually militate against editor retention, specifically editors returning after multi year holidays - not a common issue for corporate IT. If password protection for admins needs to be improved, then set some software in place to force a password reset on any admin account with a password shorter than 16 digits. ϢereSpielChequers 13:05, 24 November 2018 (UTC)[reply]
• I won't be using 2FA. 3 reasons: (1) I have a unique, long, password (as does the email account I use only for Wikipedia) (2) Having seen the results of an organisation I did some consultancy work for when they introduced 2FA ... yeah, you can probably guess the rest... (3) You seen the mobile reception round here? Black Kite (talk) 23:32, 24 November 2018 (UTC)[reply]

  @Black Kite: just to clarify, our 2FA solution is not "on line", that is no connectivity is required between the authentication device and anything else, not for enrollment and not for use. — xaosflux ^Talk 20:26, 25 November 2018 (UTC)[reply]

• Heh, I accidentally locked myself out of my own account this morning. I logged out to use one of my alts, forgetting that I had just started a system update on my phone and couldn't access my authenticator app. I could've looked up my scratch codes to get back in but I didn't have anything urgent to do so I just waited for the update to finish. I'm just saying 1) it happens to people who think they know what they're doing, and 2) you can recover your account if you do something dumb like this, but it's a hassle (it's supposed to be a hassle). Ivanvector (^Talk/_Edits) 17:14, 25 November 2018 (UTC)[reply]
• Just a comment on forced periodic password resets (not entirely just about 2FA, but I can't see a better section). It's been largely debunked as a means to security, and it often just makes people change to passwords that are easier to remember (and therefore easier to hack). One place I worked briefly enforced monthly changes to passwords, and a significant number of people started using "January", "February" etc. That can be prevented by insisting on strong passwords, but with strong passwords you avoid any need for periodic changes anyway. If someone is victim to a brute force attack, all a periodic change really does is eliminate the passwords already tried and force the hacker to start again. So with a good strong password, a forced 3-month reset might reduce the mean time to hacking from, maybe, 50 million years to 49,999,999 years and 9 months. Strong passwords are the way to maintain security (and by that I don't mean nonsense like 8 characters including 1 digit and one upper case letter, I mean proper strong passwords), coupled with login attempt throttling, and maybe a good 2FA system where something extra might be needed (but 2FA isn't the real answer). Boing! said Zebedee (talk) 12:47, 3 December 2018 (UTC)[reply]

  I've just used a "Check the security of my password" site to check a few passwords. I did *not* check any of my real passwords on the possibility that it's a fake password-grabbing site! (though I used one at Russia's Kaspersky Lab, so that should be fine ;-) The results were interesting, with estimated computer-based cracking times...

  "January" - 4 seconds

  "Jan" - 7 microseconds

  "January1947" - 8 minutes

  "TomatoTrinket" (two random words) - 21 days

  "toMatOtRINket" (same two words with random caps) - 20 years

  "_QPZ#~pGww:6Q,7\" (from a random password generator) - 10,000+ centuries

  A password of similar length and format to my Wikipedia password - 8,763 centuries

  Some sites will offer a false sense of security, so be wary of any results. One, for example, reckoned "January1947" would take 41 years to crack, and I presume that's just doing a brute-force random-character attempt rather than trying any "Hmm, I wonder if it's when they were born?" connection of months and years. But I think it makes my point about strong passwords being the crux of it. Boing! said Zebedee (talk) 13:09, 3 December 2018 (UTC)[reply]

  I changed my password the other day as it seemed like good advice. My old password would have taken a pitiful 2,000 years to brute force. Lame! My new one, a far safer 552 quadrillion years. I think the bigger risk these days isn't your password being brute forced, it's your password being used on multiple sites. I had this issue once when LinkedIn dropped a bollock and gave away everyone's passwords. It wasn't the same password I used here, that's always been unique, but I did have to change passwords on about 40 different sites and learned a valuable lesson. NEVER REUSE PASSWORDS ANYWHERE EVER. Fish+Karate 13:46, 3 December 2018 (UTC)[reply]

  Definitely, yes, never reuse passwords between sites. Boing! said Zebedee (talk) 14:36, 3 December 2018 (UTC)[reply]

  Looking at my results again, I suspect the site I used got "_QPZ#~pGww:6Q,7\" wrong - it's only 16 chars from the printable ASCII set, and "10,000+ centuries" seems way too optimistic. Boing! said Zebedee (talk) 14:38, 3 December 2018 (UTC)[reply]

• I support all the comments above by @Fish and karate, Iridiscent, and Risker. This is a security panic, which is entirely un-needed now that admins no longer have the power to unblock themselves. A hijacked admin account be be spotted, blocked, and the damage cleaned up quickly.

As others noted above, 2FA also imposes burdens on admins which they may not be able to meet for a whole variety of reasons: financial, logistical, state security policy, neurological diversity, etc etc. It is sad to see how some editors simply assume that because their life circumstances make 2FA easy for them, the same applies to everyone else.

If there was en.wp decided to take just one step to further reduce our already appallingly low levels of diversity, this would be near the top of the list. Luckily, en.wp's policies are aimed at increasing diversity. --BrownHairedGirl (talk) • (contribs) 13:37, 3 December 2018 (UTC)[reply]

• An observation: it appears that what's written in this month's administrators' newsletter is the WMF's entire response to these hacks: they're not doing anything at all about vulnerable accounts, they're just passing the buck to users to secure their own accounts. Of course, their message will not get to inactive admins, so be vigilant for more hacks. Ivanvector (^Talk/_Edits) 14:19, 3 December 2018 (UTC)[reply]
• Agree with Boing! said Zebedee - my last job had us changing password every month - a lot ended up using a "core" password and added a 2 digit number to the end of it (and then writing the 2 digit number on the back of the PC...) FWIW, I do have 2FA installed, only because of c:Commons:Administrators'_noticeboard/Archive_69#URGENT:_CHANGE_PW_/_ENABLE_Two-factor_authentication, since I'm an admin on commons as well, and there was no great oppose to not implementing it (but there are only about 250 of us). In the end it cost me nothing to implement - I wrote a short python script User:Ronhjones/2FA for my PC - I just run it when I need a code (and it gives me my adminbot code as well). Ronhjones  ^(Talk) 18:45, 3 December 2018 (UTC)[reply]

  Ah yes, I remember now - I just added "Jan", "Feb", etc to my existing password (which was already quite strong). Previous ones couldn't be reused, but they gave up on the scheme long before 12 months and the need for a new root. And while we're doing password anecdotes, I had to try breaking into a colleague's account once (as he'd left some broken jobs clogging up the overnight batch queue - I'm showing my age). His username was just his first name, so the first thing I tried was his surname, and I was in - and his surname, appropriately, was "Hack". Boing! said Zebedee (talk) 19:01, 3 December 2018 (UTC)[reply]

Mandatory 2FA considered harmful

Allowing 2FA is fine, as long as the scheme uses meets the requirements of [ https://pages.nist.gov/800-63-3/sp800-63b.html#sec5 ]. Encouraging 2FA is also fine. Requiring' 2FA is a really, really bad idea. It is security theater, and in general is less secure than simply using a long, easy-to-remember-but difficult-to guess passphrase.

https://www.makeuseof.com/tag/two-factor-authentication-sms-apps/

https://www.wired.com/story/two-factor-authentication-apps-authy-google-authenticator/

https://thestack.com/security/2016/04/08/anywhere-computing-makes-2fa-insecure-on-ios-and-android/

--Guy Macon (talk) 07:38, 23 November 2018 (UTC)[reply]

I'll note that the articles you provided counter your point of passphrases being good enough. "And remember, any 2FA is better than no 2FA. Yes, it might take you an extra 10 seconds to log into certain apps, but it’s better than sacrificing your security." "the few minutes it takes to set up an authenticator app are more than worth the benefit". Here are three articles that support the use of 2FA:

• What Is Two-Factor Authentication, And Why You Should Use It - MakeUseOf
• What Is Two-Factor Authentication and Why You Should Use It - Motherboard
• Two-factor authentication: How and why to use it - CNet

Calling it a security theatre is subjective, and the article from The Stack is contradicted as "anywhere computing" relates to syncing information across devices, and these applications don't do that (at least Google Authenticator and WinAuth). I can understand possible situations in which someone cannot enable 2FA, but I see little reason to not if you can. So what if it takes someone an extra two minutes to log in? I'd much rather have to do that every so often than wake up to find my account compromised because Wikipedia or the connected email was hacked. And that goes for most sites that offer 2FA (I might not use a site's 2FA if I rarely use the site, but if someone's an admin+, it's hopefully safe to assume they're somewhat dedicated). Anarchyte (talk | work) 08:23, 23 November 2018 (UTC)[reply]

Just to comment - it is pretty clearly security theatre to suggest that the way to prevent compromise of admin accounts is to apply 2FA, when the last two reported admin or higher account compromises would not have been prevented even if the compromised accounts had had 2FA. It is also pretty clearly security theatre to suggest that removing admin permissions at a lower threshold will prevent situations where the accounts need to be blocked/locked/desysopped, when the overwhelming majority of admin accounts that have been desysopped would have met just about any activity criterion the community could reasonably come up with. So yeah. Security theatre. Risker (talk) 09:24, 23 November 2018 (UTC)[reply]

We hear about the successful attacks to compromise accounts, but never the unsuccessful ones. While I'm doubtful it has occurred, we would never be able to know if someone managed to guess the password to an admin's account who had 2FA enabled. There's a ping if they get it wrong a certain amount of time, but nothing for getting 66% of the way there (33% each for username, password, and 2FA). If that's an example of a security theatre, so is requiring CVVs for credit cards. It's simply a fail-safe to prevent people from giving away all their information. You could take a photo of the front of your card and no one could purchase anything online. I could give you my password and you wouldn't be able to access my account. I'm not saying 2FA is the be-all-end-all; just like CVVs aren't. If they were, we would never have a breached 2FA-enabled account and we would never have to worry about people using someone else's credit card. It's an extra layer of protection. Anarchyte (talk | work) 09:47, 23 November 2018 (UTC)[reply]

That's a false analogy. Compromise of a credit card causes the real loss of real money. Compromise of a Wikipedia account—even an admin account—causes someone to be a mild nuisance for a couple of minutes before having their contributions rolled back. Even assuming every editor had access to the technological means to use 2FA, an additional 10 seconds per day adds up when you multiply it by 1000-ish admins (not to mention the opportunity cost of "I've just noticed a problem, but I won't bother logging in to fix it because it would mean going downstairs, finding the phone and turning it on"). There are theoretical ways a compromised account could do genuine damage and force the WMF to perform a database rollback, but they've never once happened. The risk from a genuine holder of advanced permissions leaking data or systematically disrupting is orders of magnitude greater than the risk from a potentially compromised account, and even installing iris recognition on the computers of every admin would have zero impact on admins becoming disgruntled, drunk, involved in personal vendettas, or just bored. ‑ Iridescent 10:46, 23 November 2018 (UTC)[reply]

Fraud is usually intercepted by the bank and the account gets locked with the money spent being charged back, when possible. With this said, the analogy wasn't to give perspective to the connotations, rather that fail-safes like 2FA are all around us. I agree with your other points, though. Anarchyte (talk | work) 11:01, 23 November 2018 (UTC)[reply]

Going off of Iri’s point, this just happened, and while the account claims compromise, that is unlikely and in every likelihood we had a CheckUser on another WMF project (who at one point had access to en.wiki data that was stored on CU-wiki) was operating a goodhand-badhand sock situation on multiple wikis. Compromise is a concern obviously, but the chance of admin socking or a functionary going rogue is actually a much greater risk in my view. Again, I am not anti-2FA, but I do think we need to have a realistic view of actual risks. TonyBallioni (talk) 22:45, 23 November 2018 (UTC)[reply]

Sure, but did we ever had breach of an account with say 20+ character password which was not reused on any other sites? Ideally if the recovery mail is also protected by a 20+ character password which has never been used elsewhere?--Ymblanter (talk) 11:17, 23 November 2018 (UTC)[reply]

People haven't been going around revealing their compromised passwords. Length isn't the defining factor, complexity is. See this 8-10GB file of hacked passwords and you'll see that while less common, accounts with randomised passwords still get hacked. These sites may not be Wikipedia (some are actually bigger: 150 million Adobe and 165 million LinkedIn accounts, for instance) but we'd be ignorant to assume we can't be hacked. Anarchyte (talk | work) 12:05, 23 November 2018 (UTC)[reply]

I kinda get the feeling that if we make 2FA mandatory, that will just become the next target. If we don't make it mandatory but everyone on the site still used 2FA (except me because my password would take "4.06 hundred million trillion centuries" to crack and isn't listed in any dumps) then passwords remain the more visible option (even if they only get my password well after homo sapiens is no longer a thing). If someone is not going to use 2FA, they need to check for their passwords on Have I Been Pwned? and if there's any chance it might have leaked, change it to something that will outlast the site. Ian.thomson (talk) 17:00, 25 November 2018 (UTC)[reply]

If credential stuffing is what's going on here, a better idea is to use a unique password on Wikipedia which you do not use and have not ever used on any other website. If it's a brute force attack then Macon's Principle is a good guide. And then there's session hijacking, and for that I don't know, but I do know if you log out of Wikipedia it logs out all of your sessions on all devices. Ivanvector (^Talk/_Edits) 17:10, 25 November 2018 (UTC)[reply]

In my experience, if you log out once you are logged out of all sessions at all devices. (Though I must confess I was this years in a situation on my ipad when I was logged on the English Wikipedia but not on Commons or Wikidata).--Ymblanter (talk) 17:41, 25 November 2018 (UTC)[reply]

Correct. Logging out of any Wikimedia site logs you out of all of them. Additionally, changing your password logs you out of all sessions besides the one used to change the password. In light of the recent events, I decided to changed mine (and my 2FA secret key) to verify this. I recommend other people do the same even if you think your password will take aeons to crack. Anarchyte (talk | work) 04:35, 26 November 2018 (UTC)[reply]

Ian.thomson, How do you know https://www.grc.com/haystack.htm wasn't hacked at the time and you haven't given hackers your password by checking it there? ;-) Boing! said Zebedee (talk) 13:31, 3 December 2018 (UTC)[reply]