Academy Leader (talk | contribs) donated a redirect from WP:PARANOIA |
Tony Sidaway (talk | contribs) WP:PASSWORD |
||
| Line 1: | Line 1: | ||
{{proposed| [[WP:SECURITY]]}} |
{{proposed| [[WP:SECURITY]]|WP:PASSWORD}} |
||
'''Security''' on Wikipedia refers to the methods and principles we employ to guard potentially damaging actions from being abused by malicious or unqualified persons. |
'''Security''' on Wikipedia refers to the methods and principles we employ to guard potentially damaging actions from being abused by malicious or unqualified persons. |
||
Revision as of 01:23, 8 May 2007
Security on Wikipedia refers to the methods and principles we employ to guard potentially damaging actions from being abused by malicious or unqualified persons.
Passwords
All registered users have a password which works like any login password. Passwords help ensure that someone does not masquerade as another editor. Editors must use a strong password to avoid being blocked for bad edits by someone who guesses or "cracks" others editors' passwords.
Some actions on Wikipedia can only be carried out by privileged editors. The most common kind of privilege is adminship. It is especially important that privileged editors have strong passwords. Administrators, bureaucrats, checkusers, stewards and oversighters discovered to have weak passwords will have their privileges removed on grounds of site security. If an editor's password can be cracked by someone running one of the many quite sophisticated open source password crackers available on the internet, editing and other privileges will be removed before someone "borrows" it for malicious purposes.
Although the definition of "strong password" is deliberately left unspecified, privileged editors are required to use strong passwords and are informed that the developers will try to crack their passwords.
Administrators should make a second account without sysop abilities if they want to edit Wikipedia in public places such as a library. When editing on a semi-public computer, such as a machine at your place of work, it is a best practice to log out of Wikipedia when leaving your workstation.
It is important to use different passwords for every system on which you have an account. That way, if your commons account were to be compromised, the hacker would not instantly be able to gain access to your other Wikimedia accounts.
Protection
Sometimes pages may be protected to prevent their being vandalized. Protection is also sometimes used for other purposes such as "cooling down" edit wars or allowing editors to review the history of an article during some discussions on deletion review.
Blocking
Sometimes an editor, an IP address, or a range of IP addresses may be blocked to stop them damaging Wikipedia. Accounts that are compromised will be blocked immediately, regardless of the original standing of the editor.
Other security
This policy is not a tutorial on all the possible ways in which a Wikipedia account could be compromised. However, keeping a secure account is the editor's responsibility. Editors are required to take security seriously. Compromised accounts will be immediately blocked and any associated group settings will be revoked. Administrators and other privileged editors may have to reapply to regain those privileges.