I've gotten 4 notifications today from the WMF about logins from an unrecognized device; I understand from this page that that represents at least 20 attempts by someone trying to log in as me. I have a secure password that I've never used anywhere else, but as you may know, the most extensive security breach ever (probably) came to light last month, and I think it's too soon to say who or what might be at risk. Is anyone else getting these messages? I emailed the WMF asking what's up ... no reply yet. If I keep getting these messages, I'll ask you guys for a temporary desysop, to be safe. - Dank (push to talk) 00:29, 9 January 2021 (UTC)

If you have a strong password, there is nothing to be concerned about, and (more unfortunate) nothing that we can really do about it. However, should you be concerned that you might lose access to your account, we can of course temporarily remove the bit from your account. Primefac (talk) 00:31, 9 January 2021 (UTC)

Thanks. I think it's too soon to pull the plug, but pull it I will if this keeps up. - Dank (push to talk) 00:33, 9 January 2021 (UTC)

(Non-administrator comment) If you're concerned, I'd recommend you change your password to something new, and/or enable WP:2FA. power~enwiki (π, ν) 00:33, 9 January 2021 (UTC)

I too got notification of 190+ attempts to log in to my account on a new device. Dan and I are both active in maintaining the Main Page, so disruption there might be the intent. I do have a strong unique password for this account. Stephen 00:45, 9 January 2021 (UTC)

Yes do consider WP:2FA if you don't already have it. There were some successful compromises (with a fairly high success rate) in the past few days, and there seems to be more attempts that we don't know about. What I would advise is if you or anyone else gets a notification that someone else has successfully logged in, whether you are still able to log in or not, please contact a checkuser as soon as possible. -- zzuuzz ^(talk) 00:49, 9 January 2021 (UTC)

I've personally seen an uptick in them the past few days. -- Amanda (aka DQ) 00:55, 9 January 2021 (UTC)

• Bruteforcing is a highly ineffective way of trying to compromise an account, practically technically infeasible. If you have a long, non-reused, random password (example: "8hCTEwQ,~SV=95ACnas8zDuWqB(JfFCp" using a password manager, or something memorable like "juicy-firework-pineapple-green-horse"), the account will almost certainly not be compromised by bruteforce. 2FA is helpful as a reassurance, but not necessary. Consider that API keys for taking sensitive actions on many sites are about the same length, or shorter, than a long password here. ProcrastinatingReader (talk) 01:45, 9 January 2021 (UTC)

• About the long password thing, even random long non-reused passwords can be less secure without 2FA. If you don't think that's a possibility - one compromised user recently told me that their computer had a keystroke logger. Yes, 2FA is useful as a security measure. It's not for everyone, but please do consider it. -- zzuuzz ^(talk) 08:36, 9 January 2021 (UTC)

• • • Meh, I’m not sure using 2FA to obscure otherwise bad security practices (ie, those resulting in one ending up with a keylogger on their computer) is a good idea. Besides, if you have malicious software on your computer 2FA won’t help; your cookies could just get stolen. ProcrastinatingReader (talk) 09:48, 9 January 2021 (UTC)
• From a comment I recently left elsewhere: There is no need to change your password, assuming it wasn't bad and preferably was not on list of common passwords (that is the useful page from the "Password Blacklist library" at m:Password policy). Wikipedia's advice is at WP:SECURITY. However, it is essential that you do not use a password for Wikipedia or for the email account associated with Wikipedia that you have ever used at any other website. That's because other websites are often hacked and lists of username/password are published that hackers can access, and they might try using any such combinations here). Johnuniq (talk) 02:33, 9 January 2021 (UTC)
• I've been getting these all day, too. Normally, I'd get one or two a week from a certain someone, but today it has been 8 hours of non-stop targeting. Seems like someone badly wants to crack and admin account - Alison ^❤ 09:32, 9 January 2021 (UTC)

Maybe they're going for people with short names? Or common words? I got one too .... on both this account and Lollipop. —Soap— 09:40, 9 January 2021 (UTC)

Who knows but one likelihood is that the attacks are what has happened before, namely someone is trying to match leaked username/password combinations from aggregation websites that list literally millions of hacked accounts. It's likely that many people have called themselves "Alison" or "Soap" when logging in to some minor website which was later hacked and their poorly defended password list stolen. The attacker might have 100 combinations for each of you (Alison + password2, Allison + 1234, etc.) and they have a program that tries them all. As I mentioned above, any decent password would be adequate to deal with that. Johnuniq (talk) 09:47, 9 January 2021 (UTC)

Sorry to contribute to the split discussion but anyone interested in this might like to see some information I found here at WP:VPT. There is definitely a large attack underway. Johnuniq (talk) 10:13, 9 January 2021 (UTC)

@Dank: If your password is strong and unique (you have never used it or a variant of it on any other service) you should be OK (if it isn't - change it to fix that!). I had to turn off that notification before, as there isn't really anything you can "do" about it. Regarding cookie re-use, if you manually log-off it will void all your sessions on all devices to all WMF sites. 2FA will not stop someone from guessing your password, but will help stop them from actually getting logged in as you. 2FA is also helpful against password-recovery attacks (where someone gains access to your email and uses it to reset your account) - as are extra controls on your email (many email providers have robust supported 2FA solutions as well). — xaosflux ^Talk 10:42, 9 January 2021 (UTC)

•  Request withdrawn per above discussion, anyone may certainly ask for a desysop for any (or no reason) - but securing your account is normally sufficient. — xaosflux ^Talk 10:42, 9 January 2021 (UTC)
• 2FA is really something all admins should be using (not policy, just my personal advice). Long randomized passwords protect against some kinds of attacks, but not all. For example, I would assume that any machine you use in a public location has a keylogger installed; 2FA is a good defense against that. -- RoySmith (talk) 22:17, 9 January 2021 (UTC)

  Never logging into an admin account from a public computer is even better :-) Boing! said Zebedee (talk) 22:25, 9 January 2021 (UTC)

This. I only use my admin account from my desktop at home. I think most experienced admins are careful and use a separate non-admin account when away from home. If an admin is using their admin account on their phone, even with 2FA, they are taking a risk as 2FA is no protection if someone picks up your unlocked phone with the 2FA on it. I would say that, provided you have a unique and decent password, not using your admin account on your phone, and not using it away from home is a much better protection than having 2FA and feeling you can use your phone away from home. SilkTork (talk) 04:35, 10 January 2021 (UTC)

SilkTork, Just to clarify, I don't suggest people log into public terminals with their admin accounts. I was just using that as an example of one kind of attack 2FA protects you against. I use 2FA on my own (admin) account on my laptop. I have a second (non-admin) account which I use on my phone, because I know my phone is much more likely to get lost or stolen.

Other kinds of attacks 2FA protects you against include shoulder surfing, and plain old accidentally typing your password into the wrong window (we've all done that). If my LastPass account were ever to be compromised, it would protect against that too. Although to be honest, if that happened, the security of my wiki admin account would be very low on the list of things I'd be freaking out about. -- RoySmith (talk) 03:01, 11 January 2021 (UTC)

Me too, FWIW --Dweller (talk) Become old fashioned! 18:11, 10 January 2021 (UTC)

• Last time I tested it our 2FA system was half-baked. I don't recommend it. As for password compromises, the way to avoid them is to use a password manager and let it choose a unique random password for each account. Your risk is that somebody compromises the end point and steals the password from your computer or the service. Something like SRP protocol can help prevent passwords from being stolen from the service endpoint because they avoid sharing the password. Even if the service hashes passwords, it's not that hard to find collisions (a password with the same hash which will also work). What Wikipedia ought to do is implement automatic blocking of IP addresses, for a finite duration, after they are involved in threshold number of failed login attempts. This would slow down brute force attacks. Another thing Wikipedia could do is download the HIBP database of compromised credentials and automatically disable any credentials found on the list. Jehochman ^Talk 14:35, 11 January 2021 (UTC)

  I have not had any issues with the 2FA system. (And I was hesitant to enable.)

  Wikimedia does already pull either the top 10k or 100k compromised phrases and forces a change for those passwords for old people trying to login and forces new accounts to avoid those. --Izno (talk) 17:24, 11 January 2021 (UTC)

The following inactive administrators are being desysoped due to inactivity. Thank you for your service.

1. Hiberniantears (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Aug 2019

— xaosflux ^Talk 00:15, 1 February 2021 (UTC)

• only (current rights · rights management · rights log (local) · rights log (global/meta) · block log)

Hi.... After something like 12-15 years of Wikipedia, I'm retiring and requesting removal of my sysop rights to prevent any issues down the road. Thank you! only (talk) 18:05, 2 February 2021 (UTC)

 Done. Happy trails. Primefac (talk) 18:34, 2 February 2021 (UTC)

Much obliged. only (talk) 18:36, 2 February 2021 (UTC)

Archive deletion discussion

I've been retired as an editor for a long time and there's no prospect of me returning to regular administrative duties in the near future. Probably time to resign the tools. Lear's Fool (current rights · rights management · rights log (local) · rights log (global/meta) · block log)   -- Lear's Fool 00:57, 6 February 2021 (UTC)

 Done. Primefac (talk) 01:03, 6 February 2021 (UTC)

Thanks.  -- Lear's Fool 02:46, 6 February 2021 (UTC)

I have opened an RfC at Wikipedia:Requests for comment/Desysop Policy (2021) to discuss establishing a community based desysop policy. All are invited to comment. TonyBallioni (talk) 20:48, 20 February 2021 (UTC)

proposed alternate request for de-bureaucratship / de-adminship / de-intadmin process

Thank you for the link TonyBallioni. It looks like the bureaucrat tasks being proposed are:

• confirming that a given request for desysop / de-bureaucrat / de-intadmin has been certified as prescribed;
• transcluding the certified request, should the discussed rightholder not do so as prescribed;
• (knock-on) tending to notice threads placed at BN upon initiating and transclusion of requests;
• (presumably) clerking on ongoing requests;
• closing expired requests; those with 60% in support of removal result in removal of affected privilege; removal of Sysop necessitates removal of bureaucrat* and intadmin;
• (where applicable) request bureaucrat removal at m:SRP in absence of local ability.

The surface for bureaucrat discretion seems minimal. Did I miss anything? –xeno^talk 02:34, 21 February 2021 (UTC)

xeno, I think you have it. There’s some discussion as to if there should be a discretionary range for removal, but unless there is a groundswell for that, it is not included in the current proposal. The roles for bureaucrats in this proposal are mainly ministerial. TonyBallioni (talk) 02:46, 21 February 2021 (UTC)

Who determines whether the original noticeboard closures resulted in the necessary censure? –xeno^talk 17:37, 21 February 2021 (UTC)

• Notably, while the page title doesn't include it, this is also a de-bureaucrat process. — xaosflux ^Talk 04:49, 21 February 2021 (UTC)

  How so? –xeno^talk 04:58, 21 February 2021 (UTC)

  @Xeno: the last line of the proposed policy addition (which I think has other problem unrealted to this) includes Users may additionally initiate this request to remove ... bureaucrat permissions. — xaosflux ^Talk 05:03, 21 February 2021 (UTC)

  Thank you, I updated the list. –xeno^talk 17:49, 21 February 2021 (UTC)

  I added this as there was concern expressed by Rschen7754 that stewards would not recognize a request to remove bureaucratship without an explicit policy basis (see case on the talk page.) So if someone is desysoped, they will be de-cratted automatically. Someone could also initiate this against a crat if there was concern, but I don't think we've ever had a case of someone explicitly only asking for crat rights to be removed, and I doubt they would start now. I disagree with Xaosflux's implication here that this is sneaky hidden somehow, since it was an afterthought added literally to make it clearer for stewards. TonyBallioni (talk) 05:06, 21 February 2021 (UTC)

  Ah, it was added after. You should probably notify the 22 people that had supported it when the addition was made, as it changes the proposal. (Oh, you did)

  It’s late, but wouldn’t this mean that less people are needed to remove a bureaucrat than installed them? –xeno^talk 05:16, 21 February 2021 (UTC)

  Yes, but that's consistent with the process proposed for admins as well, and also consistent with the current process of having the same body remove +crat as would remove +sysop (AC). Anyway, as you say, it's late. TonyBallioni (talk) 05:27, 21 February 2021 (UTC)

  I updated the list, please double check. TonyBallioni: Since this expands the scope of the request could we make it more clear in the original notifications that it applies and can be used exclusively for the two other permissions also? –xeno^talk 17:37, 21 February 2021 (UTC)

  If it passes, we might think about finally having bureaucrats be able to withdraw the bureaucrat privilege. The "crat gone rogue" scenario isn’t as scary as it used to be. –xeno^talk 05:36, 21 February 2021 (UTC)

  I don't think it was "sneaky" - just making sure it was clear to the audience of the Bureaucrats' noticeboard that a new process that can be used for community removal of bureaucrats has been proposed. — xaosflux ^Talk 05:18, 21 February 2021 (UTC)

  So many edit conflicts. Was changing the word there to hidden. All's good here and no hurt feelings :). TonyBallioni (talk) 05:27, 21 February 2021 (UTC)

I took back the admin tools last year to help with the demands brought by the Covid-19 pandemic, which was putting pressure on existing admins. The need appears to have eased off since then, and I've performed very few admin actions in that area in 2021 (just a couple of blocks that were promptly addressed and reversed). I also have important personal priorities over the next few months, and removing all those Covid pages from my watchlist would greatly reduce the distraction. So please disable my admin tools again. Boing! said Zebedee (talk) 09:22, 25 February 2021 (UTC)

Done - thanks for your work Boing! said Zebedee Worm^TT(talk) 09:40, 25 February 2021 (UTC)

:-( Ritchie333 ^{(talk) (cont)} 19:12, 25 February 2021 (UTC)

what Ritchie said ^^ :-( — Ched (talk) 21:07, 25 February 2021 (UTC)

Hello, I just locked DYKUpdateBot as compromised. This account holds local sysop permissions, so I decided to inform bureaucrats in case they wish to take any local action. Best, Martin Urbanec (talk) 19:58, 25 February 2021 (UTC)

@Shubinator: please review and reply about this situation. ArbCom can review the WP:LEVEL1 situation. — xaosflux ^Talk 20:02, 25 February 2021 (UTC)

Ya I saw nothing in crat policy to tell us to desysop, so i'll leave that to ArbCom. I blocked the account at least for local accountability before the account is restored. Also blocking DYKHousekeepingBot (talk · contribs) per stewards saying it's out too. -- Amanda (aka DQ) 20:05, 25 February 2021 (UTC)

• Arbcom emailed to review the situation. — xaosflux ^Talk 20:04, 25 February 2021 (UTC)
• @AmandaNP: Did you mean to enable autoblock? The bot runs on toolforge. Suffusion of Yellow (talk) 20:06, 25 February 2021 (UTC)

Forgive me for being dense, but a quick look through the contributions doesn't reveal anything that would mandate an obvious emergency. I assume there's something else going on here that I don't get. Ritchie333 ^{(talk) (cont)} 20:07, 25 February 2021 (UTC)

@Ritchie333: there is a private tech report about this that a sysadmin acted upon. — xaosflux ^Talk 20:12, 25 February 2021 (UTC)

I didn't, just realized and took it back off. I don't see anything obvious either through local CU, but I'm assuming something on the steward end triggered it. -- Amanda (aka DQ) 20:08, 25 February 2021 (UTC)

Yeah, if this is WP:BEANS then that's fine by me - I just think it's worth spelling it out because a lot of people submit DYKs and won't necessarily be up to speed on what stewards do. Ritchie333 ^{(talk) (cont)} 20:11, 25 February 2021 (UTC)

This is a BEANS situation for sure. Bush's baked honey maple flavored, I think. CaptainEek ^{Edits Ho Cap'n!}⚓ 20:13, 25 February 2021 (UTC)

Somewhat ironic that Xaosflux linked to a private report, which is the very definition of BEANS Ritchie333 ^{(talk) (cont)} 20:21, 25 February 2021 (UTC)

Tickets like this have limited access, and only members of the correct ACL can see it. But agree, posting the link was unwise, or at least ironic. QuiteUnusual (talk) 20:39, 25 February 2021 (UTC)

Meh. We rely too much on security through obscurity. --In actu (Guerillero) ^{Parlez Moi} 20:41, 25 February 2021 (UTC)

The report number was already publicly posted, I'll remove it from above since others are concerned though. — xaosflux ^Talk 20:42, 25 February 2021 (UTC)

Note: It's me who published the ticket ID for the first time (see the lock reason). Alone, the ticket number does not provide any information, unless you are a member of the correct Phabricator group. --Martin Urbanec (talk) 21:00, 25 February 2021 (UTC)

• Can confirm, legitimate concern. ArbCom is examining the issue. CaptainEek ^{Edits Ho Cap'n!}⚓ 20:12, 25 February 2021 (UTC)
• Thanks for the ping User:Xaosflux. Who should I talk with to get this resolved? I'm working on replying to a Cloud Services email, not sure if I also need to talk with ArbCom. Shubinator (talk) 06:36, 26 February 2021 (UTC)
  • @Shubinator: while the sysadmins w/ Cloud Services may unlock you - you will need to contact ArbCom about getting sysop access restored. They will generally want to discuss with you security practices related to WP:SECUREADMIN. — xaosflux ^Talk 11:05, 26 February 2021 (UTC)

    See WP:RETURN for more details. Regards SoWhy 11:08, 26 February 2021 (UTC)

Level 1 desysop of DYKUpdateBot

Under the Level 1 desysopping procedures, the administrator permissions of DYKUpdateBot (talk · contribs · blocks · protections · deletions · page moves · rights · RfA) have been temporarily removed as a suspected compromised account.

Supporting: Barkeep49, Bradv, CaptainEek, Maxim, Worm That Turned

For the Arbitration Committee, Barkeep49 (talk) 20:23, 25 February 2021 (UTC)

Discuss this at: Wikipedia talk:Arbitration Committee/Noticeboard#Level 1 desysop of DYKUpdateBot

•  Bureaucrat note: -sysop per LEVEL1 request completed. — xaosflux ^Talk 20:26, 25 February 2021 (UTC)

Restoration of privileges to DYKUpdateBot

DYKUpdateBot (t · th · c · del · cross-wiki · SUL · edit counter · pages created (xtools · sigma) · non-automated edits · BLP edits · undos · manual reverts · rollbacks · logs ^{(blocks · rights · moves)} · rfar · spi · cci) (assign permissions)^{(acc · ap · fm · mms · npr · pm · pcr · rb · te)}

DYKUpdateBot (talk · contribs) is granted administrative permissions on the English Wikipedia following the securing of its passwords by the operator.

For the Arbitration Committee, – bradv🍁 23:18, 26 February 2021 (UTC)

Discuss this at: Wikipedia talk:Arbitration Committee/Noticeboard § Restoration of privileges to DYKUpdateBot

 Done Permissions restored. -- Amanda (aka DQ) 23:30, 26 February 2021 (UTC)

meta:Special:Redirect/logid/40270399 (note of GUNLOCK). — xaosflux ^Talk 23:31, 26 February 2021 (UTC)

The violent imagery surrounding global locks is always interesting (glocked, gunlocked). ProcrastinatingReader (talk) 23:45, 26 February 2021 (UTC)

Or, possibly, a meaningless coincidence. Beeblebrox (talk) 23:49, 26 February 2021 (UTC)

AmandaNP

AmandaNP (t · th · c · del · cross-wiki · SUL · edit counter · pages created (xtools · sigma) · non-automated edits · BLP edits · undos · manual reverts · rollbacks · logs ^{(blocks · rights · moves)} · rfar · spi · cci) (assign permissions)^{(acc · ap · fm · mms · npr · pm · pcr · rb · te)}

Hi all. I have had requests from a few people over time for an easy way to update js code on Wikipedia while still having a proper bug/code review/versioning system behind it. I just filed Wikipedia:Bots/Requests for approval/DeltaQuadBot 9. But to be able to edit other user's JS files, the bot will need interface admin permissions.
Policy also requires that I have the Int admin flag myself. I have assisted users with diagnosing and slightly modifying js/css code before, but I'll admit, I can't directly code in JavaScript. That being said, that wouldn't be my use for it. As a bot developer that solidly knows python and PHP, I can still clearly read JS and know what I'm screwing around with before I do it. I would not intend to edit any sitewide scripts or ones that affect a large amount of people. Just to assist getting this bot up and standard diagnosing of users having issues with scripts and their JS files. I'm also happy to answer any questions. -- Amanda (aka DQ) 23:03, 24 February 2021 (UTC)

Standard 48-hour hold for new IADMIN flags. @AmandaNP: this access requires that you have WP:2FA enabled on your account, do you have this yet? — xaosflux ^Talk 00:07, 25 February 2021 (UTC)

Yes, have had it on for a long time now. -- Amanda (aka DQ) 05:03, 25 February 2021 (UTC)

 Done. Primefac (talk) 18:26, 27 February 2021 (UTC)

DeltaQuadBot

DeltaQuadBot (t · th · c · del · cross-wiki · SUL · edit counter · pages created (xtools · sigma) · non-automated edits · BLP edits · undos · manual reverts · rollbacks · logs ^{(blocks · rights · moves)} · rfar · spi · cci) (assign permissions)^{(acc · ap · fm · mms · npr · pm · pcr · rb · te)}

 Not done @AmandaNP:, your bot request will need to pass WP:BRFA first. We won't need another 48 hour hold for the bot assuming your primary account has access. You will need to enroll your bot account in WP:2FA as well. — xaosflux ^Talk 00:07, 25 February 2021 (UTC)

Oh ok, figured that still required it's own discussion here. No worries. -- Amanda (aka DQ) 05:03, 25 February 2021 (UTC)

The following inactive administrators are being desysoped due to inactivity. Thank you for your service.

1. Alexandria (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Dec 2017

2. Happyme22 (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Jan 2011

— xaosflux ^Talk 00:20, 1 March 2021 (UTC)

@Xaosflux for Happyme22's last admin action Special:Redirect/logid/34097119 is from January 2011. DannyS712 (talk) 00:04, 2 March 2021 (UTC)

Thanks for note, corrected above - missed it in the sea of move logs. — xaosflux ^Talk 00:23, 2 March 2021 (UTC)

I gained my bit in a much different time on WP and it appears the community has changed greatly during that time and I have lost touch with it. Therefore, I'm requesting that my access to admin tools be removed. --WGFinley (talk) 11:41, 20 February 2021 (UTC)

I've done that for you WGF. Thank you for your time as an admin. Noting here, for the record, the discussion at ANI: [2]. SilkTork (talk) 13:11, 20 February 2021 (UTC)

SilkTork, please provide a permanent link or it doesn't do much for the record. Your link is already dead. Bishonen | tålk 09:48, 25 February 2021 (UTC).

this should do ϢereSpielChequers 09:55, 25 February 2021 (UTC)

That was a sad read, more than anything else. :( Acalamari 11:13, 25 February 2021 (UTC)

Yeah. This started with deprotecting The Lincoln Project. As the original author of that article, I follow it and was thus aware of this little tempest, but didn't realize it had gotten as far as AN. As mentioned by others in the WP:AN thread, I think this whole thing went off the rails, with a relatively minor error getting amplified by over-reactions. I didn't see anything specifically mentioned about WP:CLOUD, but I'm assuming it doesn't apply here and WGFinley will be able to regain the bit simply by asking for it. I hope that at some point he'll be willing to get back into editing. -- RoySmith (talk) 18:36, 2 March 2021 (UTC)

Cloudiness is always determined when the bit is rerequested. Thryduulf (talk) 19:48, 2 March 2021 (UTC)

I have opened an RfC at Wikipedia:Request for comment/Adminship term length to discuss adding an term length to adminship, and what to do at the end of an admin's term. Worm^TT(talk) 10:34, 9 March 2021 (UTC)

Thread retitled from "El C".

As part of the final decision in the RexxS case, the Arbitration Committee has passed a remedy to remove the administrative rights of RexxS (talk · contribs · blocks · protections · deletions · page moves · rights · RfA). The passed remedy can be viewed at Wikipedia:Arbitration/Requests/Case/RexxS § RexxS desysopped and an announcement has been made at ACN to announce the closure of the case and the remedy to remove RexxS's administrative rights. Would a bureaucrat please remove RexxS's administrative rights at their earliest convenience. For the Arbitration Committee, Dreamy Jazz ^{talk to me | my contributions} 23:37, 26 March 2021 (UTC)

Done. –xeno^talk 23:56, 26 March 2021 (UTC)

Speaking as an editor here and not as a bureaucrat...damn. :( Acalamari 10:26, 27 March 2021 (UTC)

I think that 'crats and others active or interested in adminship matters would find it insightful to read through some of the case pages, the RfA, and the 'crat chat that followed it. UninvitedCompany 14:55, 31 March 2021 (UTC)

My first thought was that the "RfA" was not particularly relevant, but (outside of the specific wording) I do think that the Wikipedia:Arbitration/Requests/Case/RexxS § ArbCom and RfA is worthy of note. Just to be clear, I'm saying specifically that I don't think the crats should be blamed for any of this. (although other have stated otherwise) — Ched (talk) 15:46, 31 March 2021 (UTC)

I suppose, that you are, referring to my comments. I apologize for coming on too strong in words, but I still hope it does not come down to "blame" per se, but rather more like, 'after action analysis'. And I also would hope the focus is not on any individual crat, but on Crat process. The responsibilities seem too important, and consequences seem too painful or upsetting to too many, to not think about. Alanscottwalker (talk) 16:04, 31 March 2021 (UTC)

I haven't really been following this case, but from a quick look at the findings-of-fact etc. it seems that the desysop has resulted from specific breaches of WP:ADMINACCT, and not from some nebulous idea that RexxS wasn't suitable for adminship in the first place. Which is correct - I think that for ArbCom to imply that either the community who elected him, or the crats who interpreted that RFA, were incorrect in their reasoning would be a gross overstep of its sphere of authority. The conclusion from this must not be that the crats need to approach closures differently in future. IMHO they should take their direction in that respect from the community only.  — :::Amakuru (talk) 16:11, 31 March 2021 (UTC)

I see no reason to ascribe to Arbcom any overstep of any sphere of authority, nor any such implication that Arbcom is telling the Crats something. The community has instructed Crats about consensus gathering to some extent, but that's only part of it, the Crats process their own internal consensus gathering. -- Alanscottwalker (talk) 16:31, 31 March 2021 (UTC)

And just to be clear about Arbcom, beside ADMINACCT, there was also WP:ADMINCOND issues. -- Alanscottwalker (talk) 16:59, 31 March 2021 (UTC)

Alanscottwalker, (after ec) No, I wasn't referring to you at all, or any individual actually. There are/were a multitude of people who fell/felt that the 'crats were to blame the catalyst which set the situation in motion. Some even attempted to lay the blame causation at the feet of an individual crat. Personally I consider that to be extremely faulty logic. — Ched (talk) 16:17, 31 March 2021 (UTC)

I supposed wrong -- apologies. -- Alanscottwalker (talk) 16:39, 31 March 2021 (UTC)

A sad tale, to be sure. Of the whole chain of actions/decisions, by RexxS and others, that got to this conclusion, I'm not sure why to single out 'crat decisions at the RFA. I opposed at the RFA, but think the crats did a decent job trying to divine whether there was consensus in a situation where it was right on the edge. Unfortunately, it ultimately didn't work out, but it was worth trying. I know emotions are raw, but I'm also sad at the lamenting and criticism of Arbcom, who reached a fully defensible decision given the circumstances. I do hope RexxS comes back, and will be happy to support him at a future RFA after he shows Dr Jekyll has banished Mr Hyde. And crats, may you continue to do your best in even the tricky cases; just as you did in this situation at the time. Martinp (talk) 23:37, 31 March 2021 (UTC)

Well, I don't think it is singling out, it's a chain, as you say. But desyssop is still rare, and more pertinent, this was relatively swift from that link in the chain to this. Among other things, maybe placing them into a divided community made the chain very short. -- Alanscottwalker (talk) 00:50, 1 April 2021 (UTC)

The following inactive administrator is being desysoped due to inactivity. Thank you for your service.

1. Enchanter (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Dec 2006

— xaosflux ^Talk 01:57, 1 April 2021 (UTC)

There are usually no comments on these desysops purely for inactivity but 14+ years without an admin action and still being an admin has to set some kind of record. Talk about not using the tools. Liz ^{Read! Talk!} 18:47, 3 April 2021 (UTC)

I looked yesterday as I was not familiar with this admin, and it immediately became clear why that is. Not the 'crats problem, but I have long felt the activity policy is overly lax. Beeblebrox (talk) 18:53, 3 April 2021 (UTC)

You can use the tools without generating a log entry, such as reviewing deleted or revdel information, although that is more for the benefit of your editing than mopping up. Even AE actions are considered "admin actions" but often do not create a log entry. So in many cases I don't get excited if someone hasn't blocked or deleted anything in a year or two, although to go 14 years without a single logged event, you have to be actively avoiding it. That is the problem with making the rules too strict, a lot of good admin work doesn't create a log entry. Dennis Brown - 2¢ 00:50, 4 April 2021 (UTC)

There is indeed plenty of admin work that does not get logged. Logs are one metric, but one would have to actually look through a user's contributions to search for admin activity that doesn't get logged. That's not unrealistic. I went back a decade in this user's contribs and didn't see anything that could be construed as "unlogged admin activity". It took a couple minutes. You can tighten the rules without equating "admin activity" to "logged admin activity"; we already do this for crats and it's still very lenient. But I don't particularly buy the argument that we can't do so because someone could be viewing deleted content without any evidence of admin activity. I don't think an inactive admin should retain the bit by virtue of viewing deleted content and nothing else. ~Swarm~ ^{sting} 04:12, 4 April 2021 (UTC)

I agree with that, I just wanted to be clear that you can't look only at the logs. I wouldn't want to see the pendulum swing too far in the other direction, but yes, if you're going to have the bit, you should use it more than your own editing convenience. Dennis Brown - 2¢ 11:25, 4 April 2021 (UTC)

Support desysop per standard practice, and even more so because of the cogent analysis by Swarm. A person who is not now contributing to the administration of the encyclopedia should no longer retain the right to view deleted content. Cullen³²⁸ Let's discuss it 04:23, 4 April 2021 (UTC)

While there's no need to vote, if you want to discuss improving the inactivity policy you can check Wikipedia:Requests for comment/Change to sysop activity requirements. User:力 (power~enwiki, π, ν) 05:01, 4 April 2021 (UTC)

Wow, what a terrible page. ~Swarm~ ^{sting} 06:37, 4 April 2021 (UTC)

just to circle back around to the logged actions, yes there are many things an admin can do that do not generate a logged action. The current standard, (which I proposed because it seemed achievable), is that you only need to make one logged action every five years, and to not go more than one entire year without making an edit of any kind to retain the tools forever. We need't be nearly as strict as the functionary activity guidelines, but if you are actually doing admin work, you're going to need the tools more than once every five years. Viewing deleted content is a good example. If you're doing that, for five years, and don't find a single opportunity to restore a page or block someone for an edit that was recently deleted, what the heck are you doing? Beeblebrox (talk) 20:03, 4 April 2021 (UTC)

• I am looking at the list for next month and wondering, is it an exception or a sign of things to come. Usedtobecool ☎️ 06:56, 4 April 2021 (UTC)

  12 is high, it was only 10 the same month last year, and that was a heavy month. But last August it was 13, so this is not a record. As usual one expects that most of them will do an edit or two this month and come off the desysop list for another year. If we changed the rules to also desysop admins with fewer than 100 edits or logged actions in the last 6 years we would either lose several of these or see them become a little more active. ϢereSpielChequers 14:05, 4 April 2021 (UTC)

  Looks like four of them have not used tools in five years or more, so they already are not really admins. Factor that in and it's less alarming. The overall number of permanent desysops via the five year rule seems to be trending down, but that's a bit of a spike. Beeblebrox (talk) 20:06, 4 April 2021 (UTC)

  I've mentioned this on a few talk pages, but you probably have 50 people doing the majority of the admin work at any given time, and another 150-200 who are involved to some degree in admin-type work either through commenting on boards, working in niche admin areas in addition to content, etc. The groups are somewhat fluid, but we're doing absolutely fine in keeping up the core number of people and replacing people in those group via RfA as attrition occurs. Anyway, these type of discussions usually lead to handwringing that we're losing so many people and RfA isn't replacing them, but when you look at it through a lens of "are we replacing the number of active people who we are losing?" The answer is very likely "Yes". TonyBallioni (talk) 20:21, 4 April 2021 (UTC)

  I agree with Tony's point about how many active admins we have at a given moment. However, his analysis that we're doing just fine is, I think, incorrect. 50 admin doing all the work is a bit misleading because it's not like they're all doing a bit of everything. Most admin work an area or two. Many processes are working only because we have 1, maybe 2, admin doing all the necessary work there and if that were to stop it's not at all immediately apparent that one of the 150-200 semi-active admin would be able to just step into the breach. Adding more admins don't cost us anything and provide us needed spare capacity. Best, Barkeep49 (talk) 21:36, 4 April 2021 (UTC)

  I don't disagree that adding more admins is a good thing. I just don't think that the usual fear over large amounts of inactivity desysops points to anything other than the 750 or so admins who aren't doing much anyway decreasing. TonyBallioni (talk) 22:08, 4 April 2021 (UTC)

  • The institutional memory concern you bring up is definitely worth consideration. I think it's most acute with bot operators, where losing a single editor often leads to unmaintained bots that die and cause problems. Part of the solution needs to be improving documentation, so that when an editor goes away another can more easily pick up the baton. As for the "cost" of having more admins, it's mainly that it reduces security and opens the door for abuses if we set the bar too low. But more generally, I agree we could invite more editors to be admins and still be fine. {{u|Sdkb}} ^talk 22:13, 4 April 2021 (UTC)

  The point when we desysop an admin for inactivity is not the moment when that admin ceased to be active. If we are going to measure the core group that Tony talks of that is a smaller group than Wikipedia:List_of_administrators/Active as that is a list of admins who have made 30 edits in the last two months - The vast majority of admin actions in the last two months will have been done by a subset of that group. But to address Beeblebrox's point, the problem is not when someone goes 12 months without an edit. The problem comes at least 12 months earlier when an active admin moves on to another hobby, and though the overall editing community is slowly growing, we aren't recruiting enough admins to replace those we lose. At about twenty new admins a year we would need the average admin to be active for 25 years to maintain a cadre of 500 active admins. I don't see that happening. ϢereSpielChequers 22:51, 4 April 2021 (UTC)

  @Usedtobecool: it is normal for a new list to have many names on it, for example in Feb there were 7 admins (and a bot) listed, only 1 admin ended up getting removed. The rest made at least one edit or action that stopped the removal process. — xaosflux ^Talk 20:38, 4 April 2021 (UTC)

Carlossuarez46 (t · th · c · del · cross-wiki · SUL · edit counter · pages created (xtools · sigma) · non-automated edits · BLP edits · undos · manual reverts · rollbacks · logs ^{(blocks · rights · moves)} · rfar · spi · cci) (assign permissions)^{(acc · ap · fm · mms · npr · pm · pcr · rb · te)}

The Arbitration Committee has, by motion, temporarily removed the administrative rights of Carlossuarez46 (talk · contribs · deleted contribs · logs · filter log · block user · block log). The announcement of the motion was made at ACN here. Please remove Carlossuarez46's administrative rights at your earliest convenience. For the Arbitration Committee, GeneralNotability (talk) 02:41, 8 April 2021 (UTC)

Done, per ArbCom motion. SilkTork (talk) 08:37, 8 April 2021 (UTC)

Noting that the motion calls for this temporary measure to become indefinite after 20210708T02:04 if the case is not resumed, if converted to indefinite will require a new RfA. — xaosflux ^Talk 09:40, 8 April 2021 (UTC)

The wording is perhaps a little unclear in that it says "temporary" but it also says at the end: "Carlossuarez46 may regain the administrative tools at any time only via a successful request for adminship." Not sure what the actual intention is, but this appears to be a dysop "under a cloud" - though the community prefer us to discuss that at the time of requesting the tools back, rather than now. SilkTork (talk) 10:07, 8 April 2021 (UTC)

It is clear to me that while the case is "suspended" it is not closed, such that the current desysop is being actively enforced, preventing a summary self-restoration request from being available. The oddity is that they could return, ignore the case, and just go to RfA which would lead to drama if passed. — xaosflux ^Talk 10:42, 8 April 2021 (UTC)

In theory, but based on the ANI report that lead to the Arb case, the RfA itself would be eventful, but brief. Dennis Brown - 2¢ 10:48, 8 April 2021 (UTC)

Indeed, I suppose it leaves available the "arbcom got it all wrong!" community argument. — xaosflux ^Talk 10:52, 8 April 2021 (UTC)

I'm wondering if the wording should be "provisional desysop" rather than "temporary". In the sense that, as User:Xaosflux says, the desysop is ArbCom enforced, preventing a BN self-restoration request, and so avoiding any discussion and doubts about clouds on the horizon; but the desyop is pending on the return of Carlossuarez46 and outcome of the case, which may be to admonish but not to desysop. SilkTork (talk) 11:11, 8 April 2021 (UTC)

The community don't like us to discuss clouds and re-sysopping at this point, but I'm wondering what the position would be, theoretically, if Carlossuarez46 did return, the case was held, and ArbCom did not decide to desysop, and either ArbCom or Carlossuarez46 requested we give the tools back. This has all the appearance of a cloud to me, and I don't see how we could give the tools back on request. I'm not seeing anything provisional or temporary about the desyopping. SilkTork (talk) 11:18, 8 April 2021 (UTC)

So many conditionals is why we don't normally try to figure out what would happen in advance. — xaosflux ^Talk 13:19, 8 April 2021 (UTC)

My understanding of the motion is as follows (note that I am speaking as me right now, not on behalf of the Committee, and I have no "insider" knowledge about the Committee's intent):

• ArbCom has directed Carlossuarez to be desysopped, effective immediately.
• If Carlossuarez requests a case within the next three months, a case will be held, though they will not get +sysop back automatically.
  • If the outcome of the case is "The initial motion was correct, Carlossuarez should not have +sysop," they will remain desysopped (until and unless they successfully RfA again).
  • If the outcome of the case is "The initial motion was wrong, Carlossuarez should have +sysop," ArbCom will ask that the desysop be reversed.
• If Carlossuarez does not request a case within the next three months, the desysop becomes permanent (again, until and unless they successfully RfA).
• Nothing in ArbCom's motion prevents Carlossuarez from going straight to RfA.

^{SubjectiveNotability} _{a GN franchise} (talk to the boss) 13:20, 8 April 2021 (UTC)

GN's reading of the situation is correct; the only way that Carlos will get the bit back without a new RFA is if he returns, requests we perform a full case, and ArbCom determines the actions leading up to the filing were insufficient to merit removal of the mop. Primefac (talk) 16:29, 8 April 2021 (UTC)

• SilkTork - add me to the list of people who prefer "provisional". If we are shooting for precision, that seems to work since it means it might change. "Temporary" seems to imply it is very likely going to change, which has never been the case with these. Dennis Brown - 2¢ 19:20, 8 April 2021 (UTC)

  I read the word "temporarily" as grammatically redundant to the preceding "during which time". Practically speaking, an RfA during those 3 months would most likely be unsuccessful, and a bureaucrat restoring the bit based on a request here would be out of order. – bradv🍁 20:28, 8 April 2021 (UTC)

• While we should always be aware of unintended consequences of the phrasing of rulings, I think this is sufficiently clear and the possibility of Carlos returning and expecting to just get the bit back is low enough that we probably don't need to be overly concerned. "Provisional" can be considered for future decisions of this nature though. Beeblebrox (talk) 22:23, 8 April 2021 (UTC)
  • FWIW I wrote "provisional" in my notes about this user in the former admins pages (e.g. Wikipedia:Former administrators/chronological/2021) to avoid confusion with actual temporary desysops ... which are rare, but have happened; also see many of the resysops made by arbcom decision in this table. SlimVirgin's temporary desysop (linked above) was the first that came to mind for me but certainly not the only one. Graham87 07:25, 9 April 2021 (UTC)

Hello, the annual-ish crat activity review has been completed. The report can be seen here: Wikipedia:Bureaucrat activity. No follow up actions are required. Best regards, — xaosflux ^Talk 14:57, 3 May 2021 (UTC)

The following inactive administrators are being desysoped due to inactivity. Thank you for your service.

1. Husond (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Apr 2019

2. MattWade (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Aug 2013

3. MJCdetroit (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Apr 2019

4. Carioca (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: May 2018

5. Vague Rant (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Oct 2016

6. Kingboyk (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Apr 2020

7. Thunderboltz (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Apr 2020

8. Gwen Gale (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Sep 2015

9. AniMate (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Mar 2018

— xaosflux ^Talk 00:07, 1 May 2021 (UTC)

Xaosflux, Two had actions 12 months ago, which is understandable. The others were more than 12 months, Why weren't they picked up earlier? Am I missing something obvious? S Philbrick(Talk) 00:20, 1 May 2021 (UTC)

Checking again. — xaosflux ^Talk 00:22, 1 May 2021 (UTC)

@Sphilbrick: I'm sorry, I'm not seeing what you are referring to here? If you referencing a "page created" action, that is already considered an "edit". If we are missing something else can you please give me a specific example? — xaosflux ^Talk 00:27, 1 May 2021 (UTC)

If you mean, why weren't these admins marked inactive earlier? We only consider admins inactive if they have 0 actions AND 0 edits for 12 months, we note the admin actions here for consideration against the lengthy inactive admin 5 year rule - should they ask for restoration. — xaosflux ^Talk 00:29, 1 May 2021 (UTC)

Xaosflux, My mistake, I read the rule too quickly, I thought it was 12 months since last admin action. Edits that are not admin action count toward tolling the period. Sorry. S Philbrick(Talk) 00:31, 1 May 2021 (UTC)

@Xaosflux: What are you listing as admin actions? Eg for Husond, their April 2019 log show a few page moves, but those don't appear to have been "admin actions" in the sense of needing admin rights. The last "admin action" I see is Special:Redirect/logid/84414989 deletion in July 2017 (unless you count moving without leaving a redirect, but since page movers can do that, does that count as an admin action?). Likewise, what was MJCdetroit's admin action in April 2019? There don't appear to be any log entries. Can I suggest linking to what you have labeled the last admin action for each user, so that its clear and easier to find? Thanks, --DannyS712 (talk) 07:59, 2 May 2021 (UTC)

@DannyS712: This is more of a "last logged action by the admin", as referenced in the report linked in the header above and is not prescriptive; a discussion on if certain actions qualify or not would be reserved for if it becomes necessary. There is somewhat of a grey area between actions afforded to (all users) and those solely available to sysop's - especially when there is overlap with other groups. — xaosflux ^Talk 08:36, 2 May 2021 (UTC)

Closing an WP:AE discussion is a good example of an unlogged admin action. I take the "last action" in these lists as informative approximations, not lines in the sand, and subject to review if someone is on the cusp and comes back requesting the bit. We can't expect you to go digging for every unlogged action when making this list, and I assume the onus would be on them to demonstrate unlogged actions within time limits if they are requesting the bit back. 99% of the time, it is moot, so the approximation in the list is good enough. Dennis Brown - 2¢ 11:25, 2 May 2021 (UTC)

We've had this discussion before, a few times, but I would once again say that if you been "doing admin stuff that isn't logged" and somehow haven't found a reason to use a single admin tool in five years, what are you doing, exactly? It's more or less impossible to do things like closing AE discussions and never run across a single reason to use the tools while doing so. I still think the standards are laughably lax, and not using the tools for five years should lead to desysopping even if they are otherwise still editing, for the manifestly obvious reason that the user already is not an admin, but so long as we insist on coddling them with piles of notifications even that rule would be ridiculously easy to game to keep the tools forever. Beeblebrox (talk) 22:45, 2 May 2021 (UTC)

Gaming is way too easy in the current system: See the case of the perpetually inactive bureaucrat and admin who has been active for a few years now and is reaffirming his availability once a year to keep the tools but not really doing much in the way of adminning or cratting or even editting . ( Their last 50 edits go back 6 years. ) They just recently narrowly avoiding getting their tools removed in this inactivity update, in fact. Jackattack1597 (talk) 00:56, 3 May 2021 (UTC)

Ah, User:Cecropia? You'll be glad to hear that we'll be seeing more of them in future; so far, with ~200 edits in 12 years, we see more of Halley's Comet. ——Serial 11:56, 3 May 2021 (UTC)

Should User:Cecropia bureaucrat role be removed? As per Wikipedia:Bureaucrats: "If a bureaucrat does not participate in bureaucrat activity for over three years, their bureaucrat permissions may be removed." -- WOSlinker (talk) 12:17, 3 May 2021 (UTC)

WOSlinker: The current bureaucrat activity requirements include commenting as a bureaucrat at any venue including WP:BN/RFA/RFB/RFBAG/BRFA ... or signalling that they remain actively engaged and available for bureaucrat tasks. They've minimally qualified (though seem to have had several false starts on resuming active engagement). –xeno^talk 12:50, 3 May 2021 (UTC)

(edit conflict) Wikipedia:Bureaucrats'_noticeboard/Archive_43#Cecropia_wants_to_remain_an_available_bureaucrat + Wikipedia:Village_pump_(policy)/Archive_157#RfC:_Bureaucrat_activity. I think under current policy, a crat saying they want to remain a crat counts as activity. ProcSock (talk) 12:57, 3 May 2021 (UTC)

Yes, see Wikipedia:Bureaucrat activity - we had 2 'crats that were hitting the 3 year mark last year, as they both commented that they want remain crats here at BN it pushes any further review on them up 3 years from then. — xaosflux ^Talk 13:39, 3 May 2021 (UTC)

... although the other of them actually returned to activity as an editor and went on to perform a logged bureaucrat action (the flagging of a bot) 2 weeks later. * Pppery * _{it has begun...} 14:08, 3 May 2021 (UTC)

I mean, there's not exactly an overwhelming pile of crat activity for Cecropia to do, isn't there? If we get three crat chats next month and he's nowhere to be seen, we can start wondering what he's got a wrench for. Perhaps we should be pushing borderline candidates into RfA. I overall can't really feel broken up about "inactive crats"; there are nineteen crats, there's no urgent need to trim the ranks. Vaticidalprophet 16:56, 3 May 2021 (UTC)

As a counterexample, one admin edited once a year for five years to keep the bit, and then upon resuming editing became one of our most active administrators. -- Tamzin (she/they) | o toki tawa mi. 01:27, 3 May 2021 (UTC)

long-term semi-inactivity

• The situation is that the community are concerned that long term inactive admins become out of touch, and may use the tools inappropriately; while long term inactive admins who feel they may wish to return to active editing at some point are concerned that if they are desysopped that they'll have to go through another RfA. I think we'd all be happier if inactive admins were desysopped and were unable to game the system by making token edits once a year. And we'd all be happier if RfA were still rigorous but less stressful. One possible solution would be to be much firmer on desysopping inactive admins in return for a less stressful Returning from Inactivity RfA which would be held without comments and with a secret ballot. Perhaps have a pool of "admin knowledge" questions from which could be randomly generated three questions per year of inactivity. So an admin inactive for three years would have to answer nine questions randomly selected from the pool by the bot setting up the RfA. The rationale behind the questions being randomly generated is so that returning admins are less able to game the system by cribbing from previous answers. The main stress in an RfA is reading negative comments - by not having comments, there would be less reluctance to going through an RfA. A blind ballot should also encourage more honest voting and inhibit potential cronyism. SilkTork (talk) 07:53, 3 May 2021 (UTC)

  SilkTork, I think "out of touch" is just part of the concern (and most out of touch admins that start using their tools inappropriately have been quickly desysopped). I think the other issue is a deep feeling of injustice: they say it is extremely difficult to pass RfA these days, while legend has it that it used to be a walk in the park. Many current admins appear to be less worthy of adminship than many of the super high experienced non-admins. Your proposal addresses the injustice a bit, but it still sets up a two-class system of users who have been admins before and users who haven't, so I'm not sure it would succeed. (Mind you, I don't have a much better idea: in my head the problem goes away if we just +sysop hundreds of extra people, say, by requiring RfA from anyone who has held more than four permissions for over a year.) —Kusma (t·c) 13:22, 3 May 2021 (UTC)

  Not sure about forcing those users into an RfA, but exploring the idea of allowing such users to be converted by way of a process akin to Wikipedia:Tool apprenticeship might lead somewhere. –xeno^talk 13:36, 3 May 2021 (UTC)

  @Kusma I'm not sure about that. It isn't as if RFA was rejecting lots of well qualified candidates. We have just had two consecutive months without a new admin, and very few candidates this year but the few we get usually pass by acclamation. If there are lots of super high experienced non admins, why don't some of them submit RFAs? ϢereSpielChequers 17:11, 3 May 2021 (UTC)

  I don't know. One of my unscientific observations at RfA is that highly experienced non-admins tend to have very high standards for adminship, and may have contributed to the very high standards we have now. I'd just like to change the expectation a bit: any experienced Wikipedian (ok, only those who can control their temper) should be expected to apply for adminship, and the vast majority should get it. Anyone who has collected a handful of the other rights should consider adminship. —Kusma (t·c) 18:32, 3 May 2021 (UTC)

  Or just be given +sysop if they have used a bunch of other advanced permissions for a while and not broken anything. —Kusma (t·c) 19:18, 3 May 2021 (UTC)

  Funny you should say that... Primefac (talk) 00:44, 4 May 2021 (UTC)

  @WereSpielChequers, ultimately I think there is no agreement on what's broken at RfA. I have collected 10 different reasons I've seen people say RfA is broken (plus the idea that RfA isn't broken). If the premise that there are highly experienced non-admins who aren't running (and I will tell you that I think there are as my offers to nominate editors are turned down far more often than they're accepted - roughly 6 times as many as editors have turned me down as accepted) it could be for reasons including that admin is undesirable, it's too much like a vote (what SilkTork posits above), or there are too many questions. Best, Barkeep49 (talk) 18:41, 3 May 2021 (UTC)

• Honestly, it would be far more productive if effort was put into actually changing the activity requirements for admins. Right now, it's tedious and achieving nothing by re-hashing this topic on this noticeboard every time someone takes issue with the activity of someone with permissions. Acalamari 11:27, 3 May 2021 (UTC)

  Wikipedia:Requests for comment/Change to sysop activity requirements. There's also many who believe it's mostly a non-problem. IMO, for any issues with the composition and addition/removal processes of sysops, inactive sysops come in near the bottom of the list as, at worst, mostly harmless. ProcrastinatingReader (talk) 11:46, 3 May 2021 (UTC)

• But how much has really changed in the last 5-10 years? I'll admit that I miss the WP:UPDATE that Dank used to roll out for us (ty by the way for that). But really truly meaningful changes in policy? Not changing words like "can" to "may", but what has changed in any meaningful way? Admins are elected on a platform of trust to do the right thing when it comes to our project. IMO, just about the biggest change is that we can block disruptive editors from individual pages now. Even those pesky WP:ACDS were around 10 years ago.

  Even if various WP:ACE may arbitrarily interpret how to apply things like WP:INVOLVED or WP:COI, the concept is still the same. If User:AdminA was trusted in 2015 or even 2010, who really thinks that if they don't edit for a year or two that they're going to waltz in and cause a huge disruption in 2021?

  Gaming? IMO it's more gaming a way to remove a mop from 'old-timer' editors who were considered trustworthy. I know of one admin who followed without contributing, and when they had time to return, did so in a most positive way. The "Gaming" IMO is more from editors who seem to be saying, "well maybe you trusted user:xyz 10 years ago, but I wasn't here then, so I can't trust them now."

  The two biggest uses of the mop may be: 1. If an editor is being disruptive, and has ignored the warnings and policies - then block them. 2. If a page has become disruptive by multiple editors, then protect it. Granted it's a bit of an over-simplification, but it is pretty "nutshell". /end frustrated post. — Ched (talk) 17:36, 3 May 2021 (UTC)

• Mostly what Acalamari said, this has been rehashed atleast a few thousand times before and I think we have generally come around to the conclusion that almost-inactive admins and crats have not and will not manage to delete Wikipedia off the face of the earth. I think that's an acceptable compromise. --qedk (t 愛 c) 17:44, 3 May 2021 (UTC)
• Although I commented above, it is true that bringing this up here again and again is never going to accomplish anything. The 'crats enforce the policy, they don't make it and can't change it. Beeblebrox (talk) 17:48, 3 May 2021 (UTC)

T&S has apparently decided without any consultation whatsoever that stewards only should be able to grant int-admin. See phab:T282624. There is also no particularly obvious rationale why.

(Why T&S is making decisions like this is not obvious to me. I am not particularly sure they are the correct internal group to do so, much less without any consultation.) Izno (talk) 23:48, 11 May 2021 (UTC)

Maybe they've just been busy being involved with that WMF UCoC stuff? IDK. — Ched (talk) 00:00, 12 May 2021 (UTC)

There is a legitimate reason for this: 1) nothing is making bureaucrats check to make sure 2FA is enabled for interface admins before granting 2) bureaucrats also are not required to have 2FA at present. That being said, I agree about the concerns re communication. --Rschen7754 00:03, 12 May 2021 (UTC)

If those are the reasons, then the software should enforce 2FA before granting and should enforce either a) that the granting bureaucrat has 2FA or b) that all bureaus locally have 2FA.

(Don't worry, I have other suggested changes to implementation path depending on rationale, the majority of them without punishing wikis that do a good job managing the permissions of interest.) Izno (talk) 00:10, 12 May 2021 (UTC)

I think enforcing 2FA on bureaucrats would probably be a more sweeping change, especially in countries where 2FA is not possible for legal reasons. --Rschen7754 00:19, 12 May 2021 (UTC)

Also note that enforcing 2FA on granting is one of the things that are easy to say and hard to do. For instance, one can easily disable it after the check. Of course, software can also automatically demote, but that has also some implications (notably, regenerating scratch codes requires disabling 2FA for a while).

Of course, the current system is far from perfect, I just wanted to point out that requiring 2FA on granting IA can easily turn out to be a pretty big project. Martin Urbanec (talk) 01:05, 12 May 2021 (UTC)

I think this is a sensible change. If crats aren't required to have 2FA, then requiring it of intadmins is 100% pure security theater. But yeah, the "because we said so" style of communication is hardly going to encourage support of this change. Suffusion of Yellow (talk) 00:34, 12 May 2021 (UTC)

• For "paperwork" updates for our procedures etc, feel free to join in the discussion at Wikipedia:Interface_administrators'_noticeboard#Local_impacts. — xaosflux ^Talk 01:06, 12 May 2021 (UTC)
• I've said we should get rid of bureaucrats completely and move all their functions to stewards, so I support this. TonyBallioni (talk) 01:11, 12 May 2021 (UTC)
  • What, you don't support the traditional tar-and-feather round for T&S? More seriously, this has exactly the same odor as FRAMBAN. Someone in a smoke-filled room made a decision, and rammed it down Wiki's throats. That caused months of drama last time. Whether the decision is the correct one isn't the issue, it's being arrogant to the point of making it clear they make the decisions and the peasants don't need to be notified, let alone be consulted. Tarl N. (discuss) 03:26, 12 May 2021 (UTC)
• So superprotect is back? —Kusma (t·c) 05:04, 12 May 2021 (UTC)
  • Not sure how this has anything to do with superprotect, even metaphorically. As Suffusion of Yellow says, the 2FA requirement for intadmins is pointless if the people who assign the permission aren't required to have 2FA themselves; this change certainly makes sense from a security standpoint. It's of course not very diplomatic of the devs to make this change without consulting the communities, but realistically, there's no good alternative or objection to be made (other than extending the 2FA requirement to 'crats, which would be even worse, or eliminating the 2FA requirement altogether, which would never fly for several reasons), so any discussion they might have started about it would be pointless, since it couldn't possibly affect the outcome. Overall, this is definitely not the hill I'd choose to die on. Writ Keeper ⚇♔ 05:22, 12 May 2021 (UTC)

    Well, intadmin does pretty much the same as superprotect did. The difference was that granting the flag was a matter for the local community. Now we're back to having no local control. Whether that is a problem we'll see next time we need to use intadmin to disable some unwanted WMF "innovation". —Kusma (t·c) 07:00, 12 May 2021 (UTC)

    This is just procedural, though, right? Like are stewards planning on enforcing new requirements here? Or is it like other things they handle, where someone with local authority to do something (ArbCom for ±CU/OS, 'crat for -crat, admin for bigdelete) makes a request and a steward actions it as long as all procedural requirements have been met? -- Tamzin (she/they) | o toki tawa mi. 07:09, 12 May 2021 (UTC)

    Pretty much. The stewards would check that both local and global policies were followed, and assign the flags if they were (for instance, 2FA for int. admins and confidentiality agremeent for CU/OS). Martin Urbanec (talk) 12:05, 12 May 2021 (UTC)

    @Kusma: Well, intadmin does pretty much the same as superprotect did. Nnnnno, it really doesn't. I mean, in the absolute most simplistic of terms, I guess, in that it involves pages that admins can't edit. But the whole point of superprotect was that it was a level of protection that a) could be applied to any page as the WMF Office saw fit and b) once applied, only the WMF Office could edit the page. Neither of those things are true for intadmin: it's not a level of the protection tool that can be applied to a page but a very specific control that is only active and can only be active on interface pages (i.e. pages that are .js or .css pages). It can't be applied to non-interface pages, including anything in mainspace. It's also not mediated by WMF Office; intadmins are (with a couple of dev exceptions) all community members, and since stewards are also all elected community members, nothing about this is changing anything about that. Superprotect is not a useful comparison, especially given its fraught history. Writ Keeper ⚇♔ 16:07, 12 May 2021 (UTC)

    The whole point of superprotect was to prevent this edit. —Kusma (t·c) 16:41, 12 May 2021 (UTC)

• You know, I have been wondering for a while whether bureaucrats not being required to have 2FA despite having the permission to grant 2FA-requiring rights made sense from a security perspective. So this makes perfect sense to me. I wouldn't worry about it being a return to superprotect, from what I know stewards are not known for interfering with local projects overmuch and the steward elections I've seen have been very unforgiving with folks who are too intervention-happy. Jo-Jo Eumerus (talk) 08:28, 12 May 2021 (UTC)

• This is how I read it - it's purely a procedural thing, which makes total sense from a security standpoint. I have no concerns either about stewards "interfering" in local processes, as all the stewards I know would abhor such a thing. The communication of the change however was, as usual, abysmal... ƒirefly ( t · c ) 08:29, 12 May 2021 (UTC)

• I think Tony has a point. Would the remaining 'crat work (essentially approving bot tasks and closing the odd RfA) be too egregious for the stewards to take on? Let's separate out what the message was (a fair comment) from how it was delivered (badly). Ritchie333 ^{(talk) (cont)} 09:36, 12 May 2021 (UTC)

  I'm happy to have our bureaucrats return their bits if we can have five admins in exchange for each. —Kusma (t·c) 09:50, 12 May 2021 (UTC)

I guess bitcoin is out of the question? Ritchie333 ^{(talk) (cont)} 09:55, 12 May 2021 (UTC)

• More seriously, we ought to have enough work for our bureaucrats. That we don't have enough RfAs for them to close has been true for 10 years, but it sure isn't good (speaking as one of the 34 admins promoted in April 2006). —Kusma (t·c) 10:09, 12 May 2021 (UTC)

  I am not sure, are stewards qualified to take a decision whether to promote or not to promote an admin on say the Russian Wikipedia? Or are they only supposed to take the crat tasks of the English Wikipedia?--Ymblanter (talk) 09:56, 12 May 2021 (UTC)

  crats don't approve bot tasks. They flag bots, but that role seems mostly ceremonial. As it should be, since a bot can be flagged indefinitely after a basic Task 1 and later file a more controversial Task 2 which would not require another flag (since the bot is already flagged from its Task 1). I don't think stewards are going to take over crat chats, and apparently closing RfCs on meta by stews takes long enough. ProcrastinatingReader (talk) 11:03, 12 May 2021 (UTC)

  Where consensus is clear in an RfA (like the two we've had in 2021), I suppose handing the task to stewards wouldn't be too problematic. But in edge cases in the discretionary range, I think bureaucrats get their credibility because they are locally chosen and are intimately familiar with how the English Wikipedia works. I wouldn't be a fan of handing the bureaucrats' tasks over to stewards; it's not like they're being overworked. Sdrqaz (talk) 12:23, 12 May 2021 (UTC)

• The way I am reading this is that WMF are concerned regarding the security risks attached to the int-admin rights, and feel that when those rights are granted, that a check is made to ensure the user has 2FA enabled. So far, so good. The next step is the one that concerns me. Instead of consulting the communities to discuss the best way of implementing the changes, the WMF spoke to some stewards in the basement of the planning department on Alpha Centauri and made their own decision. Instead of considering the possibility of enabling 'Crats to check if a user has 2FA enabled, it was decided, without consultation with the communities, to take autonomy away, and allow just stewards to flick the switch, without consideration of the process. Under the current procedures there is a 48 hour discussion, and a 'Crat makes the decision. Is that process still to take place? But when the 'Crat makes the decision they then need to ask a steward to flick the switch? Or is the intention that requests go straight to stewards, and the local community is by-passed? The wording is "the granting of the interfaceadmin permission should be performed exclusively by Stewards", which sounds like the local communities are being bypassed.

I'm slightly angered at the arrogance, insensitivity, inelegance, and prejudice displayed here. The WMF have made a decision to reduce the autonomy and self-governance of local communities without either consulting or even notifying those communities. WMF acts as though they are an authority over the communities rather than the trust which helps us to run. The better approach would have been a consultation with the major communities to raise the issue and seek solutions - the obvious one being that 'Crats with 2FA are enabled to make the 2FA check. Simples. SilkTork (talk) 10:26, 12 May 2021 (UTC)

The flagging of IAs has always been security theatre, but then a lot of community norms on 'security' are. Even with the check of 2FA status this doesn't work because 2FA can be disabled later. The smart thing to do is the WMF codes up something so that the software enforces this requirement and automatically deflags if 2FA is removed, requiring a crat/stew to manually take action to reinstate the flag (eg if the IA is changing 2FA devices). ProcrastinatingReader (talk) 11:20, 12 May 2021 (UTC)

ProcrastinatingReader, if we trust intadmins not to go rogue, we should be able to trust them not to suddenly allow others to take over their account. There are probably a couple hundred more urgent tasks for developers to do than technically enforcing something that is based on trust in a person doing the right thing. —Kusma (t·c) 11:52, 12 May 2021 (UTC)

I'm not saying it should be done, I'm saying if the WMF wants to go down this road then the change which lets only stews flag IA (because only they can check 2FA status) just doesn't make sense for the aforementioned reasons. If the WMF wants to enforce the restriction, it should be technically enforced by the software, as that's the only reasonable way to enforce it. ProcrastinatingReader (talk) 11:55, 12 May 2021 (UTC)

Or is the intention that requests go straight to stewards, and the local community is by-passed? Per Martin's above response to me, it seems that everything will work the same in terms of the decision to +IA, except that a 'crat will have to request at SRP rather than assign the bit themself. Same as how decratting currently works. -- Tamzin (they/she) | o toki tawa mi. 12:46, 12 May 2021 (UTC)

ProcrastinatingReader - that makes sense to me, and is an example of one of the ideas this community could have come up with if the WMF had consulted us. SilkTork (talk) 12:49, 12 May 2021 (UTC)

• For me this is a 3 or 4 on the "how much does this WMF action upset me" on a -10 to 10 scale (i.e. -10 means I'm THRILLED with a foundation action while a 10 would be in FRAM territory). I'm of the mind that project security is a legitimate foundation function. I think consulting with the stewards is also a reasonable enough step though also maybe consulting with the communities whose crats are impacted seems like a no brainer. I'm curious why they didn't. That said, if Stewards are going to be consulted in cases like this I wish they would have supplied the "Maybe you should talk to the communities" feedback we're giving now. I'm guessing they gave feedback more in the realm of "we have capacity to do this work" rather than taking on the role of ambassador. Perhaps they didn't sign up to be ambassadors but if the foundation is going to treat them as such they either need to no do it (i.e. not provide feedback in situations like this) or to make an attempt to represent the projects on whose behalf they're speaking for. Best, Barkeep49 (talk) 15:28, 12 May 2021 (UTC)

  Apparently it is T&S's position that private communication with stewards constitutes community discussion. It'd certainly be surprising if stewards didn't realise the optics aren't great of the WMF unilaterally "moving quickly" to remove granting and removal permissions from local communities without any notice/discussion. ProcrastinatingReader (talk) 15:59, 12 May 2021 (UTC)

  I actually think that this is a reasonable position for the foundation to take in matters of sensitive information - such as project security. That's why I think it's incumbent on the stewards to actually represent the community that the foundation is having them represent and why I posted a version of these thoughts on the Stewards' noticeboard. Best, Barkeep49 (talk) 16:05, 12 May 2021 (UTC)

  I think the concern is process and optics. If one offers a discussion period possibly there'd be better approaches raised (or not, but consultation isn't binding of course and then it could then said folks were allowed room to raise their concerns). But when one tries to push it thru via Phabricator and Gerrit - obscure boards, relatively speaking - the optics are different. It's been like this for so long that waiting another month for discussion seems harmless, and avoids unnecessary criticism if nothing else. ProcrastinatingReader (talk) 16:15, 12 May 2021 (UTC)

  I think we largely agree? To be clear I think a reasonable chain of events would have been: 1)Foundation decides this is a security risk that needs addressing 2)Comes up with the idea they did here 3)Present idea to stewards 4)Stewards say "sure we can do it but you should let the communities who have crats who do this know" 5)Foundation lets communities know 6)Feedback is given 7)Revised plan made 8)Revised plan implemented. Best, Barkeep49 (talk) 16:25, 12 May 2021 (UTC)

  Stewards aren't a GovCom and are only elected to carry out community consensus. It got us (I was a steward at the time) in trouble during the process where renames were shifted away from bureaucrats to stewards and their delegates and it's still not okay now. --Rschen7754 18:07, 12 May 2021 (UTC)

• I don't see this as a big deal. If I understand the situation correctly, we will still be able to decide for ourselves who is granted int. admin rights, stewards will simply be the ones flipping the switch. This has been true for CU and OS rights for quite some time and it has never been a problem. It's true that 'crats don't have much of a workload, but for the few tasks that do remain in their remit, I would rather have them doing it than stewards. Beeblebrox (talk) 20:07, 12 May 2021 (UTC)
  • Indeed, my guess is that stewards will most likely be rubber-stamping all requests from enwiki. What might be affected are requests from smaller wikis where minimum vote requirements, for example, might be enforced. --Rschen7754 00:05, 13 May 2021 (UTC)
• Good change for security reasons the community cannot overrule, the Foundation has to enforce either 2FA for bureaucrats, or move the permission to grant INTADMIN to stewards. Furthermore, the Phabricator ticket says "Communicate with projects" is part of their plan. The outrage about a "lack of communication" is a misunderstanding of how open organizations work. Should the ticket have been kept secret until after the communication is done? User:力 (power~enwiki, π, ν) 20:11, 12 May 2021 (UTC)

  A ticket titled: "Decide what to do about bureaucrats granting IA" with text laying out the whys and wherefores and especially the which and why nots speaking to the problem rather than the solution is good bug reporting practice. So no, keeping things secret was never a necessity. Izno (talk) 20:20, 12 May 2021 (UTC)

Arbitrary break

Without commenting on the mishegas, I'll note that the task was updated to say Note: We are putting this on hold for a little while to work on a communications plan., with further notes at phab:T282624#7083246. ~ Amory (u • t • c) 20:36, 12 May 2021 (UTC)

A welcome development. —Kusma (t·c) 20:51, 12 May 2021 (UTC)

• Grumpy McGrumpface has only 2 comments:
  1. I'm surprised, after all previous drama, that WMF in general and T&S in particular hasn't taken to heart the simple, respectful, and obvious 8-step checklist Barkeep posted above (16:25 UTC). Steps 6, 7, and 8, in that order, are important, even if nothing ultimately changes, and no matter how reasonable the proposal. Otherwise, it's just one more reason for the lack of trust. How is it possible that this checklist has not been put on a post it note and stuck to the monitor of everyone who works for WMF/T&S?
  2. 2FA still seems like security theater to me. I'm dreading D-day, when 2FA becomes mandatory for admins, because by D+3 I'm going to have locked myself out of my account. I'm an idiot, of course, but Jehochman (who isn't) has commented about this a while back, and I'll try to find a link.

     Easier to find than I thought: here. And pinging @Jehochman: as a courtesy. --Floquenbeam (talk) 21:44, 12 May 2021 (UTC)

--Floquenbeam (talk) 21:40, 12 May 2021 (UTC)

It is actually even worse, I am a Wikidata crat, and nobody cared to tell me anything. If I did not have this page (and a crat page of Commons) on my watchlist (and I do not even remember why I got these pages on my watchlist), I would not even know about the development.--Ymblanter (talk) 21:53, 12 May 2021 (UTC)

If 2FA is such a big deal, I'm sure the WMF could have tweaked the code so that any crat who doesn't yet have 2FA enabled was unable to set it. But no matter, it has happened now. On a broader note, yes we don't get to do much as crats - in recent years there have been far more desysops than closing RFAs. However, despite a decade of disappointment I still hope the day will come when RFA turns a corner and we get a new generation of admins coming forward. Call me an optimist, but remember there are lots of editors on Wikipedia who could easily pass RFA if they ran. ϢereSpielChequers 21:55, 12 May 2021 (UTC)

Hahahahahah. That is possibly the funniest thing I have read on this board, WereSpielChequers. The WMF 2FA is ridiculously below even the basic industry standards, it is not owned or maintained by the WMF but by a few volunteers, it was written specifically for very high level developers who all knew each other and is now being crammed down the throats of people who don't have any English language skills or developer buddies, it actively cannot be used in certain geographies. In other words, it is worse than security theatre. This is not a safe bit of software, and if it was written today instead of many years ago when only root admins needed it, it would have failed every security test. The WMF knows this. They have done absolutely nothing to change this. Risker (talk) 01:04, 13 May 2021 (UTC)

@Risker: Seen a couple of comments that 2FA can't work based on the geography of the client for some reason? Is there a ticket open on this? I'm having a hard time reconciling why I would even need to be on the planet at all to use it, as long as my clock was synchronized? RFC 6238 doesn't seem to mention any such limitation. — xaosflux ^Talk 02:12, 13 May 2021 (UTC)

My understanding, from a couple of users in a heavily censored country, is that there are significant difficulties in ensuring constant access to supporting apps. It's not a Wikimedia problem, per se; as I understand it, it's a censorship issue that doesn't directly relate to 2FA. It's been over a year since I was told this, so things may have changed. Since it's not a problem I've personally experienced, it never occurred to me to look for a phab ticket. Risker (talk) 04:00, 13 May 2021 (UTC)

There's potential issues with the encryption - whether a US-based company can export an app containing the encryption to a different country or not - or whether the other country will allow the app into the country. I could also see Google Authenticator, for example, being banned in a country that bans most Google products. It is probably something that should be researched more thoroughly. --Rschen7754 04:32, 13 May 2021 (UTC)

I'll note in addition that a surprisingly large number of users in those censored countries use easily available VPN services, most of which have built-in 2FA software, which I assume should work if the VPN software works. (I know this because I do a lot of IPBE work.) If they're using 2FA through that service, it's likely to meet higher standards than the comparatively unsupported system attached to MediaWiki. Risker (talk) 05:21, 13 May 2021 (UTC)

I'm likely in the minority based on past discussions about 2FA, but I don't understand the distrust or dislike towards implementing a more rigorously implemented 2FA system, at least for admins+. 2FA is never going to be the be-all-end-all of account security, indeed if someone has reached the stage where they need a 2FA code, you're likely screwed in other respects. However, I don't think those that oppose widespread 2FA appreciate its value. It's known that people reuse passwords, and it would be a stretch to everyone to stop doing that, more so than asking people that are dedicated to the website (admins+) to download an application to make sure that you don't get compromised and accidentally deface the 13th biggest website globally. Risker mentioned above that there are significant difficulties in ensuring constant access to supporting apps, though I slightly disagree.

While it is true that the Google Authenticator app could be removed from the app store, there are multiple alternatives. For mobile, you can download Authy, a password management service that includes the ability to sync authentication codes between devices (I don't know if this is behind a paywall, though I'm fairly sure that the stock-standard authentication service is free). For desktop, there are a range of options. WinAuth is open source and hosted on GitHub, so if GH is blocked someone can fork it and send it to you. There are also in-built browser add-ons, like Authenticator. I've not used this and I can't vouch for its security, but it's another option. It should also be noted that an internet connection is not required to generate codes, so you don't even need a VPN. The best option though would be to have the WMF spend some of their millions of donation money on improving the Wikipedia app to include an in-built proprietary 2FA system, like Steam or Battle.net that generate codes but require you to be logged in, or like Google, which doesn't give a code but rather forces you to have two devices on hand (this one may not be as good for our purposes). That only really leaves concerns like Floquenbeam's, but perhaps having auth codes on the same device that you log in on may alleviate some of the possibility of losing the codes. Anarchyte (talk • work) 06:04, 13 May 2021 (UTC)

Thank for the notes, so there doesn't seem to be any "where you are" technical constraint, but there could be political constraints - though that hardly will apply to only the TOTP protocol we use. I agree that "customer service" for WMF accounts is abysmal, and even more so for the 2FA components. But again, customer service to our userbase for all things technical is pretty sad - and the fix requires hiring a lot more IT staff. — xaosflux ^Talk 10:26, 13 May 2021 (UTC)

I accidentally locked myself out of my account with Wikipedia's 2FA a few times. The integration is really poor. I managed to get back in because there's a bypass to disable 2FA as long as you're logged in somewhere (normally it forces you to reconfirm with the device to disable it IIRC). Never used the functionality again, though. ProcrastinatingReader (talk) 09:08, 13 May 2021 (UTC)

• I would echo SilkTork above and extend it to say it seems like a gradual power grab. Every since FramGate, they keep upping the ante. Eventually, they will just hand pick the admins and anyone that doesn't like it to go suck lemons. Of course, they will deny this, until they properly conditioned the community to just shut up and write pretty words for free, the one thing most of them can't do. Dennis Brown - 2¢ 13:02, 13 May 2021 (UTC)
  • I could see this as a power grab if the WMF reserved the right to assign intadmin for themselves, but the stewards aren't the WMF. It's absolutely fair to criticize the deployment plan for this, and fair to disagree with the change itself, but I really don't think this merits the level of vitriol that we're displaying here. Writ Keeper ⚇♔ 13:57, 13 May 2021 (UTC)
    • I'm not blaming the stewards, they had no role in the decision. And the level of vitriol is appropriate given the sequence of events with the Foundation chipping away at the autonomy of the project, thank you. This is not an isolated incident, it is merely part of a disturbing pattern that appears to be accelerating. Constantly imposing their will without even discussing the changes with the community. Like VE, FramGate, CoC, they continue to impose rather than engage. Dennis Brown - 2¢ 19:12, 13 May 2021 (UTC)
  • As a steward for several years I can say that we are definitely not the WMF and just as reluctant as anyone here at WP to become in fact or by action part of the WMF. Most stewards are very reluctant to get involved anywhere where we don't have the support of the local community to do so. QuiteUnusual (talk) 14:42, 13 May 2021 (UTC)

The following inactive administrators are being desysoped due to inactivity. Thank you for your service.

1. Eliz81 (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Oct 2009

2. ThaddeusB (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: May 2015

3. Who (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Mar 2011

4. Vianello (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Mar 2020

5. Mulad (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Feb 2010

— xaosflux ^Talk 00:19, 1 June 2021 (UTC)

Four out of five subject to the five-year rule. That seems like it might be a first. Beeblebrox (talk) 21:21, 1 June 2021 (UTC)

The "five-year rule" being .. have to go through RfA again and can't ask here at WP:BN? — Ched (talk) 22:36, 1 June 2021 (UTC)

Correct. P-K3 (talk) 22:37, 1 June 2021 (UTC)

Can't remember where we bumped heads, but ThaddeusB is a name I recognise. Shame. 22:58, 1 June 2021 (UTC) — Preceding unsigned comment added by Serial Number 54129 (talk • contribs)

Sad to see Eliz81 on here. Another of my fellow 2007 class gone. :'( Acalamari 08:09, 2 June 2021 (UTC)

Impressive that three of the five would be subject even if it was a 10 year rule.Jackattack1597 (talk) 16:58, 2 June 2021 (UTC)

Side note: I wonder if it would be a good idea to extend the five year rule to the inactivity policy, because they already aren't much of an admin if they haven't used the tools for five or ten years.(IE: if an admin has not used the tools in five years but has edited recently they can be desysopped for admin inactivity. )Jackattack1597 (talk) 17:06, 2 June 2021 (UTC)

If anyone would like to follow up on that, please do so at WT:ADMIN, not here. — xaosflux ^Talk 17:27, 2 June 2021 (UTC)

Agreed. As I've said before, we don't need to keep having a discussion here about the inactivity requirements every time we have desysoppings for inactivity. Acalamari 19:11, 2 June 2021 (UTC)

Yep. I was only intending to make an observation, not initiate a debate. Beeblebrox (talk) 20:10, 2 June 2021 (UTC)

• AGK (current rights · rights management · rights log (local) · rights log (global/meta) · block log)

Not currently using my admin rights, so please remove them. Thank you. AGK ■ 07:04, 18 June 2021 (UTC)

 Done. That's been done for you AGK. SilkTork (talk) 07:46, 18 June 2021 (UTC)

Ragesoss (t · th · c · del · cross-wiki · SUL · edit counter · pages created (xtools · sigma) · non-automated edits · BLP edits · undos · manual reverts · rollbacks · logs ^{(blocks · rights · moves)} · rfar · spi · cci) (assign permissions)^{(acc · ap · fm · mms · npr · pm · pcr · rb · te)}

I'd like to get interface-admin rights again, as I have some updates to make to the Wiki Education guided tours. (I've had them several times before, but I don't tend to use them often enough to avoid having them removed for inactivity.)--ragesoss (talk) 16:05, 28 June 2021 (UTC)

@Ragesoss: do you currently have WP:2FA enabled on your account? — xaosflux ^Talk 16:08, 28 June 2021 (UTC)

@Xaosflux: yes, I have 2FA enabled.--ragesoss (talk) 16:13, 28 June 2021 (UTC)

 Done no hold time as prior removal was only for inactivity, welcome back. — xaosflux ^Talk 16:35, 28 June 2021 (UTC)

The following inactive administrators are being desysoped due to inactivity. Thank you for your service.

1. Nickshanks (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: May 2018

2. Ultraexactzz (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Jun 2020

3. Schissel (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Apr 2009

4. Kees08 (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

   Last admin action: Mar 2020

— xaosflux ^Talk 00:26, 1 July 2021 (UTC)

Note that Schissel's inactivity which led to their desyssopping was due to locking themselves out of their account due to losing 2fa code access. See their talk page posts https://en.wikipedia.org/wiki/User_talk:Schissel#Hrm._Bye_soon_:) and their new account https://en.wikipedia.org/wiki/User:ELSchissel . Really don't think there's any way this can be fixed at this point, but I wish Schissel had posted here as it may have been resolvable. Jackattack1597 (talk) 20:54, 6 July 2021 (UTC)

@Jackattack1597: note that the "new account" posted that we should "feel free to remove privileges" a month ago ^(diff). — xaosflux ^Talk 21:25, 6 July 2021 (UTC)

And Schissel having made no admin actions for over 9 years and only 16 admin actions total has nothing to do 2FA * Pppery * _{it has begun...} 22:08, 6 July 2021 (UTC)

The rules don't currently require any rate of admin actions, though, so using a that as a reason for desysopping on a 2FA glitch isn't very fair. And unlike some, who just pop back once a year to reclaim the bit, this is actually still a reasonably active editor. It seems like there's no harm no foul here, as the editor isn't bothered by losing the bit, but let's not pretend it has anything to do with the last logged admin action, unless you want to make that a requirement for everyone.  — Amakuru (talk) 06:39, 7 July 2021 (UTC)

It's worth bearing in mind that admin rights are given to accounts not to people. If there is a technical problem with an admin account that is held by a person who also has a non-admin alternative account, the admin rights cannot be transferred to the non-admin account without going through a RfA. Admin rights are removed from an account not from a person (so admin rights can be removed from an admin bot, but left with the admin operator, and vice versa). If a person has shown they no longer hold the trust of the eng.wiki community, then admin rights will be removed from all accounts they hold on en.wiki, though not from accounts they may hold on other wikis. However, site bans, including global actions, are applied to people, not just accounts. In this instance there is no question of distrust, site bans, or global actions - the account (not the person) is merely being desysopped because of inactivity of the account in line with community consensus. User:ELSchissel may apply for the tools via RfA at any time. SilkTork (talk) 09:50, 7 July 2021 (UTC)

@SilkTork: Wikipedia:Former_administrators/reason/renamed lists a number of cases where an admin transferred their bit to an alternate account, for a variety of reasons including at least one account lockout. Has there been some change in policy since the most recent instance in 2017? -- Tamzin (she/they) | o toki tawa mi. 10:26, 7 July 2021 (UTC)

That's a good question. "Admin rights are given to accounts not to people" seems a very odd state of affairs, given that for other purposes (community bans etc) we assume it's the person who's the principal agent... If I die and leave my Wiki password to someone in my family, can they pick up the reins and carry on adminning away in my stead, on the grounds that it's not really me who's the admin but my account?  — Amakuru (talk) 11:04, 7 July 2021 (UTC)

Thanks for that Tamzin. Well, as there is some precedent for transferring rights from one account to another on request, then - if they had not fallen foul of the five year rule (their last admin edit was over five years ago) - it seem we could have considered allowing User:ELSchissel that privilege if they had requested it. They have done nothing wrong, merely got caught in a technical problem. They would have needed to satisfy queries that they were the person behind the User:Schissel account. And it would have made sense to have a Crat Chat if they had requested the mop back. But other than that, you are right, it does seem that the community would have allowed it. For a renaming of an account I understand (because it's the same account, just a different name), but transferring rights from a main account to an alternate account is not something I expected to see, as the rights were transferred to an account that had not passed RfA. But as the community allowed it then it can be done again - unless there is a change in policy to prevent that happening. SilkTork (talk) 11:15, 7 July 2021 (UTC)

SilkTork, I strongly disagree with this statement. From my point of view, the admin user-right is given to people, not accounts. A person may only have one admin account. In certain circumstances - i.e. when there is a confirmed link between the accounts and the individual has good reason, admin user-rights can be transferred without a fresh RfA. Regarding Admin bots - they do not need to have a fresh RfA. So, overall, no - the role is associated with a person and assigned to one account (or multiple for adminbots). Worm^TT(talk) 11:18, 7 July 2021 (UTC)

Amakuru - it's one person per account, but one person can have more than one account. Rights acquired by one account are not normally transferred to other accounts, and I assumed that was standard. However, there is at least one case of admin rights being transferred not to a renamed account, but to an alternate account, so it seems that rights can be transferred. Or, at least, that there is no policy which prevents it. As such, it appears us 'Crats would need to seriously consider such requests if they come our way. Unless the community make clear that they don't wish rights to be transferred. SilkTork (talk) 11:27, 7 July 2021 (UTC)

User:Worm That Turned. The relationship between a person and an account is nebulous. Many accounts are anonymous, and we don't require to know who the person behind the account is. As such we are giving the rights to the account, but on the understanding that only one person uses that account. So are we actually giving the rights to the person, or to the person behind that particular account? And if that person is behind another account, created to edit in a different area of the project, could they successfully ask a Crat to apply admin rights to that account as well, because they are the same person? SilkTork (talk) 11:36, 7 July 2021 (UTC)

SilkTork, I'd much prefer the situation where the question of "can we prove these two are the same person" leads to transferring an account, than to desysopping due to use of multiple admin accounts! Anonymous or not, a person behind the account exists. If the admin remains anonymous, then it is unlikely they will be able to transfer the right. Worm^TT(talk) 11:45, 7 July 2021 (UTC)

For what it's worth, I am absolutely of the opinion that RfA grants adminship to the person behind the keyboard, which is then implemented by granting +sysop to the main account (and limited by WP:ADMINSOCK to only that account). When I am on my public-computer account, I'm not going to tack {{nac}} onto everything I say and have no problem with using the "social" powers of an administrator, because I am an admin...just not currently on an account with +sysop. This does not, of course, answer the question of whether we can verify that Scissel/ELSchissel are in fact the same person, just a commentary on the distinction between accounts and the person operating those accounts. GeneralNotability (talk) 20:04, 7 July 2021 (UTC)

@Worm That Turned: Surely an administrator can remain anonymous and have their rights transferred over due to a use of committed identities? Sdrqaz (talk) 15:02, 8 July 2021 (UTC)

To me the underlying stuff looks simple. The rights are approved for a person even if we don't know their real world name. The mechanics are that only one account (of theirs) has the mop. Everything else is merely about safely administering that. When consistent with the latter, the person can decide which account that is. The referred to "given to" statements are just just unnecessary vague semantics and not a basis for deriving anything from. Sincerely, North8000 (talk) 17:50, 8 July 2021 (UTC)

Sdrqaz, I said unlikely, not impossible. There are a few other ways it might happen - if needed. Worm^TT(talk) 19:10, 8 July 2021 (UTC)

@Amakuru: the notation of the last detected admin action on the chart above is just a reference that can help determine if the 5 year rule would be a factor during any subsequent restoration request, alone it is not a consideration for inactivity removal. — xaosflux ^Talk 10:20, 7 July 2021 (UTC)

• I don't see it as controversial if it is publicly known that both accounts are controlled by the same person and they want to move the bit from one account to the other, think Bishzilla/Bishonen. Both accounts publicly confirming the transfer request should suffice for that. I'm less confident where it is a declared alt account declaring that their main account has been compromised. Taking a couple of hypotheticals, what do people think of the scenario where an admin I know through the London meetup or some similar real life context, they lose their password and ask me to shift the bit to their new account? Or when an admin does a clean start, but asks a crat to transfer the bit from their retired account to the new one - perhaps by emails from both accounts. I don't see a problem with the first of those scenarios, with the second at the least the crat would need to check that the admin making a clean start was not under a cloud. ϢereSpielChequers 13:47, 7 July 2021 (UTC)

  I don't think "clean starting" former admins should get +sysop without a new RfA, and Wikipedia:Clean_start#Requests_for_adminship seems to support that. — xaosflux ^Talk 14:01, 7 July 2021 (UTC)

• Perhaps the language at Wikipedia:Administrators#Procedural_removal_for_inactive_administrators should be changed from "administrators" to "administrator accounts" as the admin Schissel/El Schissel has in fact been active for the last year.-- Pawnkingthree (talk) 14:15, 7 July 2021 (UTC)

  ... but we didn't desysop or decrat Useight * Pppery * _{it has begun...} 14:19, 7 July 2021 (UTC)

  You're right, I just remembered about WP:USEIGHT. The admin account retained its permissions while the alt was the only one active.-- Pawnkingthree (talk) 14:23, 7 July 2021 (UTC)

  If Schissel had requested transfer of rights at the time they were being locked out of the Schissel account and creating the alternative El Schissel account I do think, given the circumstances, and that there is community acceptance for transferring admin rights between publicly linked accounts, it likely we could have transferred the rights. But, even if El Schissel wished to have the rights, given that a year has passed, I doubt that such a transfer would now be uncontroversial. SilkTork (talk) 17:05, 7 July 2021 (UTC)

• It seems we are comfortable in some situations (where both accounts are publicly known and linked, or where an account is changing names), less comfortable in others (perhaps where there has previously been no link between accounts - such as the new account being created after the previous one has closed), and reluctant if the link between accounts has only been made known to ArbCom, and is concealed from the community. I still remain personally uncertain about the notion of transferring rights from one account to another without explicit consent from the community; though, as we have unchallenged precedent, I accept that the principle is acceptable to the community. So, in such a case as this where a person gets locked out of their admin account for technical reasons, then, after being convinced that it is the same person in the new account, I would agree to a transfer of rights. SilkTork (talk) 16:51, 7 July 2021 (UTC)

• Schissel should not be desysopped for inactivty, per WP:USEIGHT. The user behind accounts Schissel / ELSchissel meets the activity threshold requirements for retainship adminsip in exactly the same way as the user behind accounts Useight / Useight's Public Sock did from 2012 to 2017. Ben · Salvidrim! ✉ 17:07, 7 July 2021 (UTC)

• Has anyone asked this editor what they want to happen? --In actu (Guerillero) ^{Parlez Moi} 17:30, 7 July 2021 (UTC)

  I do not see a confirmation that this is the same person to start with--Ymblanter (talk) 17:36, 7 July 2021 (UTC)

  @Guerillero and In actu: I linked to their own response above, from: Special:Diff/1026264478, "...Feel free to remove privileges.". — xaosflux ^Talk 18:05, 7 July 2021 (UTC)

  I have notified him of this conversation. Sdrqaz (talk) 19:10, 7 July 2021 (UTC)

• This seems like a lot of fuss over someone who doesn't seem to care if they are an admin. Also, claiming to be the person who operated the previous account is not the same thing as proving it (although if they were an impersonator they would probably explicitly ask for the tools on the new account). Beeblebrox (talk) 21:13, 7 July 2021 (UTC)

  I really don't think this is an impersonator, an impersonator would probably care a little bit more about getting the tools back. Also, the editing style on the accounts is pretty similar, though that could be faked. ( Both accounts are interested in music articles, and both accounts use a similar style of edit summaries.)Jackattack1597 (talk) 01:44, 8 July 2021 (UTC)

• Given the Useight case, which determined as far as I can tell that the inactivity policy applies to people, not accounts, I think that if it can be established that Schissel is in control of the alternate account, they should get the admin bit back as the inactivity removal would have been counter to policyJackattack1597 (talk) 01:38, 8 July 2021 (UTC)

  That is my understanding as well - that the inactivity rules were applied to a specific person, not a specific account. To be clear, I would not suggest re-adminning the locked-out account but rather the currently-used account. However, the voluntary request to remove the privileges would render the case moot, until/unless the new account retracted that and requested the tools and it was sufficiently established that both accounts were that of the same individual. However, assuming the two accounts are the same person, the five-year rule applies, if I recall correctly, only in the case of an inactivity removal, not in the case of a voluntary removal. Therefore, it should be determined if the loss of the admin tools was due to inactivity or due to resignation, in order to know if the five-year rule would apply in the event that the user requested the tools restored. Useight (talk) 16:45, 8 July 2021 (UTC)

  The tricky thing is that while the user said feel free to remove tools, the tools were not actually removed until the inactivity removal, so the loss of the tools was due to inactivity by the administrator account. The five year rule would apply if the user re-requested, then, BUT if the two accounts are the same person, the desyopping was in error. The question is: would policy permit reversing the desysopping if that was the case?Jackattack1597 (talk) 00:29, 9 July 2021 (UTC)

  I definitely agree that it would be pointless to readmin the locked out account.Jackattack1597 (talk) 00:29, 9 July 2021 (UTC)

• So was this the meeting room for the People's Front of Judea, the Judea People's Front, or the Coalition for a Roman Free Judea? Or did I walk into the Globe Theater for their Much Ado About Nothing production? The Blade of the Northern Lights (話して下さい) 02:45, 8 July 2021 (UTC)

  "Completely new motion, that there be immediate action!" "Ah, once the vote has been taken." "Well, obviously once the vote's been taken. You can't act on the resolution till you've voted on it!" Sdrqaz (talk) 03:07, 8 July 2021 (UTC)

  I mean, you can't really be surprised about unnecessary bureaucratic discussion going on on the Bureaucrats noticeboard.Jackattack1597 (talk) 11:21, 8 July 2021 (UTC)

• [Bishzilla smirks at finding herself appearing on the list of renamed admins as if she was the original owner of Bishonen's admin rights.] Not exactly correct. But pleasing! bishzilla _ROARR!! pocket 16:04, 8 July 2021 (UTC).

  Heh, left column just means that's who got desysopped, not that's who had the bit originally. The matching desysop for User:Bishonen isn't listed since that account isn't a "former admin" (although, back to SilkTork's point, I suppose you the individual are both an admin and a former admin... or a human and dinosaur jointly posing as a single person who is both an admin and a former admin). I imagine if WP:FORMER in 2009 had had its same level of attention to detail as it does now, it would have listed User:Bishonen for the same reason it now lists User:Bishzilla. Both of y'all are at WP:RESYSOPS, though... Although I'm not entirely sure why in your (Bishzilla's) case, as you were only ever sysopped once. -- Tamzin (she/they) | o toki tawa mi. 16:29, 8 July 2021 (UTC)

  Bishzilla better admin, anyway, and User:Rdsmith4 best 'crat. Thank you User:Tamzin. bishzilla _ROARR!! pocket 17:30, 8 July 2021 (UTC).