Wikipedia:Administrators' noticeboard: Difference between revisions

Welcome – post issues of interest to administrators.

Shortcuts WP:AN WP:ANB For urgent incidents and chronic, intractable behavioral problems, use Wikipedia:Administrators' noticeboard/Incidents. If you are new, try the Wikipedia:Teahouse instead. Do not report breaches of personal information on this highly visible page – instead use Wikipedia:Requests for oversight. For administrative backlogs add {{Admin backlog}} to the backlogged page; post here only if urgent. Do not post requests for page protection, deletion requests, or block requests here. Just want an admin? Contact a recently active admin directly. When you start a discussion about an editor, you must leave a notice on their talk page. Pinging is not enough. You may use {{subst:AN-notice}} ~~~~ to do so. Sections inactive for over three days are archived by Lowercase sigmabot III.(archives, search) Start a new discussion

Template:Active editnotice

This page has an administrative backlog that requires the attention of willing administrators. Please replace this notice with {{no admin backlog}} when the backlog is cleared.

"WP:CR" redirects here. You may be looking for Wikipedia:Cleanup resources, Wikipedia:Categorizing redirects, Wikipedia:Copyrights, Wikipedia:Competence is required, Wikipedia:Dispute resolution and Wikipedia:Content removal.

"WP:ANC" redirects here. You may be looking for Wikipedia:Assume no clue.

You may want to increment {{Archive basics}} to |counter= 38 as Wikipedia:Closure requests/Archive 37 is larger than the recommended 150Kb.

Archives

Index no archives yet (create)

This page has archives. Sections older than 6 days may be automatically archived by Lowercase sigmabot III when more than 3 sections are present.

Shortcuts

• WP:CR
• WP:RFCL
• WP:ANRFC

Use the closure requests noticeboard to ask an uninvolved editor to assess, summarize, and formally close a Wikipedia discussion. Do so when consensus appears unclear, it is a contentious issue, or where there are wiki-wide implications (e.g. any change to our policies or guidelines).

Do not list discussions where consensus is clear. If you feel the need to close them, do it yourself.

Move on – do not wait for someone to state the obvious. In some cases, it is appropriate to close a discussion with a clear outcome early to save our time.

Do not post here to rush the closure. Also, only do so when the discussion has stabilised.

On the other hand, if the discussion has much activity and the outcome isn't very obvious, you should let it play out by itself. We want issues to be discussed well. Do not continue the discussion here.

There is no fixed length for a formal request for comment (RfC). Typically 7 days is a minimum, and after 30 days the discussion is ripe for closure. The best way to tell is when there is little or no activity in the discussion, or further activity is unlikely to change its result.

When the discussion is ready to be closed and the outcome is not obvious, you can submit a brief and neutrally worded request for closure.

Be sure to include a link to the discussion itself and the {{Initiated}} template at the beginning of the request. A helper script can make listing discussions easier.

Any uninvolved editor may close most discussions, so long as they are prepared to discuss and justify their closing rationale.

Closing discussions carries responsibility, doubly so if the area is contentious. You should be familiar with all policies and guidelines that could apply to the given discussion (consult your draft closure at the discussions for discussion page if unsure). Be prepared to fully answer questions about the closure or the underlying policies, and to provide advice about where to discuss any remaining concerns that editors may have.

Non-admins can close most discussions. Admins may not overturn your non-admin closures just because you are not an admin, and this should not normally be in itself a problem at closure reviews. Still, there are caveats. You may not close discussions as an unregistered user, or where implementing the closure would call to use tools or edit permissions you do not have access to. Articles for deletion and move discussion processes have more rules for non-admins to follow.

Technical instructions for closers

Please append {{Doing}} to the discussion's entry you are closing so that no one duplicates your effort. When finished, replace it with {{Close}} or {{Done}} and an optional note, and consider sending a {{Ping}} to the editor who placed the request. Where a formal closure is not needed, reply with {{Not done}}. After addressing a request, please mark the {{Initiated}} template with |done=yes. ClueBot III will automatically archive requests marked with {{Already done}}, {{Close}}, {{Done}} {{Not done}}, and {{Resolved}}.

If you want to formally challenge and appeal the closure, do not start the discussion here. Instead follow advice at WP:CLOSECHALLENGE.

Other areas tracking old discussions

• Wikipedia:Requested moves#Elapsed listings
• Wikipedia:Articles for deletion/Old
• Wikipedia:Redirects for discussion
• Wikipedia:Categories for discussion/Awaiting closure
• Wikipedia:Templates for discussion#Old discussions
• Wikipedia:Miscellany for deletion#Old business
• Wikipedia:Proposed mergers/Log
• Wikipedia:Proposed article splits

Administrative discussions

Wikipedia:Administrators' noticeboard#RfC closure review request at Wikipedia:Reliable sources/Noticeboard/Archive 433#Closing (archived) RfC: Mondoweiss

(Initiated 29 days ago on 16 April 2024) - already the oldest thread on the page, and at the time of this comment, there has only been one comment in the past nine days. starship.paint (RUN) 03:15, 4 May 2024 (UTC)

 Doing... —Compassionate727 ^(T·C) 01:25, 15 May 2024 (UTC)

Place new administrative discussions above this line using a level 3 heading

Requests for comment

Talk:Awdal#RFC - Habr Awal/Isaaq clan

(Initiated 142 days ago on 24 December 2023) ScottishFinnishRadish (talk) 21:17, 24 January 2024 (UTC)

RfC: Tasnim News Agency

(Initiated 92 days ago on 12 February 2024)

Closure request for this WP:RSN RfC initiated on February 12, with the last !vote occurring on March 18. It was bot-archived without closure on March 26 due to lack of recent activity. - Amigao (talk) 02:33, 1 May 2024 (UTC)

RfC: Change INFOBOXUSE to recommend the use of infoboxes?

(Initiated 60 days ago on 15 March 2024) Ready to be closed. Charcoal feather (talk) 17:02, 27 April 2024 (UTC)

Before I try to close this I wanted to see if any editors believed I am WP:INVOLVED. I have no opinions on the broader topic, but I have previously participated in a single RfC on whether a specific article should include an infobox. I don't believe this makes me involved, as my participation was limited and on a very specific question, which is usually insufficient to establish an editor as involved on the broader topic, but given the strength of opinion on various sides I expect that any result will be controversial, so I wanted to raise the question here first.

If editors present reasonable objections within the next few days I won't close; otherwise, unless another editor gets to it first, I will do so. BilledMammal (talk) 04:43, 13 May 2024 (UTC)

Talk:Russo-Ukrainian War#RFC on Listing of Belarus

(Initiated 60 days ago on 16 March 2024) Hello, this RFC was started on 16 March 2024 and as of now was active for more than a month (nearly 1,5 month to be exact). I think a month is enough for every interested user to express their opinion and to vote at RFC and the last vote at this RFC was made by user Mellk on 15 April 2024 (nearly two weeks ago and within a month since the start of this RFC). The question because of which this RFC was started previously resulted in quite strong disagreements between multiple users, but I think there already is a WP:CONS of 12 users who already voted at this RFC. Since the contentious topics procedure applies to page Russo-Ukrainian War, I think this RFC must be closed by uninvolved user/administrator to ensure a valid WP:CONS and to prevent further disputes/edit warring about this question in the future. -- Pofka (talk) 09:50, 27 April 2024 (UTC)

Will an experienced uninvolved editor please close this RFC. If there is a consensus that Belarus should be listed, but not as to how it should be listed, please close with the least strong choice, Robert McClenon (talk) 17:08, 27 April 2024 (UTC)

I think it should not be closed with the "least strong choice", but instead with a choice which received the most votes (the strongest choice). The most users chose C variant (in total 6 users: My very best wishes, Pofka, Gödel2200, ManyAreasExpert, Licks-rocks, CVDX), while the second strongest choice was A variant (in total 5 users). So I think the WP:CONS of this RFC question is C variant. -- Pofka (talk) 18:33, 27 April 2024 (UTC)

 Doing... —Compassionate727 ^(T·C) 01:22, 15 May 2024 (UTC)

Talk:Libertarian Party (Australia)#Conservatism

(Initiated 46 days ago on 29 March 2024) RfC template expired. TarnishedPath^talk 01:22, 29 April 2024 (UTC)

Talk: Elissa Slotkin#Labor Positions and the 2023 UAW Strike

(Initiated 46 days ago on 30 March 2024) RfC expired, no clear consensus. andrew.robbins (talk) 04:05, 30 April 2024 (UTC)

WP:RSN#RFC:_The_Anti-Defamation_League

(Initiated 38 days ago on 7 April 2024) Three related RFCs in a trench coat. I personally think the consensus is fairly clear here, but it should definitely be an admin close. Loki (talk) 14:07, 6 May 2024 (UTC)

Wikipedia:Requests for comment/Enforcing ECR for article creators

(Initiated 37 days ago on 8 April 2024) Discussion appears to have died down almost a month after this RfC opened. Would like to see a formal close of Q1 and Q2. Awesome Aasim 00:11, 8 May 2024 (UTC)

Talk:Brothers of Italy#RfC on neo-fascism in info box 3 (Effectively option 4 from RfC2)

(Initiated 36 days ago on 8 April 2024) Clear consensus for change but not what to change to. I've handled this RfC very badly imo. User:Alexanderkowal — Preceding undated comment added 11:50, 1 May 2024 (UTC)

Talk:International Churches of Christ#Request for Comment on About Self sourcing on beliefs section of a religious organization’s article

(Initiated 29 days ago on 15 April 2024) No new comments in eight days. TarnishedPath^talk 01:33, 11 May 2024 (UTC)

Talk:Havana syndrome#RfC on the presentation of the Havana Syndrome investigative report content

(Initiated 20 days ago on 25 April 2024) No new comments in 12 days. {{u|Gtoffoletto}}  ^talk 08:52, 13 May 2024 (UTC)

Place new discussions concerning RfCs above this line using a level 3 heading

Deletion discussions

XFD backlog

V	Feb	Mar	Apr	May	Total
CfD	0	0	19	20	39
TfD	0	0	0	1	1
MfD	0	0	2	3	5
FfD	0	0	2	2	4
RfD	0	0	23	48	71
AfD	0	0	0	4	4

Wikipedia:Categories for discussion/Log/2024 April 8#Medical schools in the Caribbean

(Initiated 54 days ago on 21 March 2024) HouseBlaster (talk · he/him) 20:38, 4 May 2024 (UTC)

Wikipedia:Categories for discussion/Log/2024 April 8#Category:French forts in the United States

(Initiated 54 days ago on 22 March 2024) HouseBlaster (talk · he/him) 20:38, 4 May 2024 (UTC)

Wikipedia:Categories for discussion/Log/2024 April 10#Category:19th-century Roman Catholic church buildings in Réunion

(Initiated 52 days ago on 23 March 2024) HouseBlaster (talk · he/him) 13:39, 13 May 2024 (UTC)

Wikipedia:Categories for discussion/Log/2024 April 24#Category:Asian American billionaires

(Initiated 21 days ago on 24 April 2024) HouseBlaster (talk · he/him) 20:38, 4 May 2024 (UTC)

Place new discussions concerning XfDs above this line using a level 3 heading

Other types of closing requests

Talk:Maersk Hangzhou#Second merge proposal

(Initiated 111 days ago on 24 January 2024) Merge discussion involving CTOPS that has been open for 2 weeks now. Needs closure. The Weather Event Writer (Talk Page) 04:46, 8 February 2024 (UTC)

@WeatherWriter: I would give it a few days as the discussion is now active with new comments. GoldenBootWizard276 (talk) 00:00, 3 March 2024 (UTC)

As nominator, I support a non consensus closure of this discussion so we can create an RFC to discuss how WP:ONEEVENT applies in this situation. GoldenBootWizard276 (talk) 21:56, 9 March 2024 (UTC)

Talk:1985_Pacific_hurricane_season#Proposed_merge_of_Hurricane_Ignacio_(1985)_into_1985_Pacific_hurricane_season

(Initiated 105 days ago on 30 January 2024) Listing multiple non-unanimous merge discussions from January that have run their course. Noah, AA^Talk 13:50, 15 March 2024 (UTC)

Talk:Pharnavaz_I_of_Iberia#Requested_move_6_February_2024

(Initiated 99 days ago on 6 February 2024) Requested move open for nearly 2 months. Natg 19 (talk) 17:46, 27 March 2024 (UTC)

Has now been open for three months. 66.99.15.163 (talk) 19:23, 10 May 2024 (UTC)

Talk:12 February 2024 Rafah strikes#Merge proposal to Rafah offensive

(Initiated 92 days ago on 13 February 2024) The discussion has been inactive for over a month, with a clear preference against the merge proposal. CarmenEsparzaAmoux (talk) 19:35, 24 April 2024 (UTC)

Talk:Rupert_Sheldrake#Talkpage_"This_article_has_been_mentioned_by_a_media_organization:"_BRD

(Initiated 28 days ago on 16 April 2024) - Discussion on a talkpage template, Last comment 6 days ago, 10 comments, 4 people in discussion. Not unanimous, but perhaps there is consensus-ish or strength of argument-ish closure possible. Gråbergs Gråa Sång (talk) 07:24, 23 April 2024 (UTC)

It doesn't seem to me that there is a consensus here to do anything, with most editors couching their statements as why it might (or might not) be done rather than why it should (or should not). I will opine that I'm not aware there's any precedent to exclude {{Press}} for any reason and that it would be very unusual, but I don't think that's good enough reason to just overrule Hipal. —Compassionate727 ^(T·C) 01:01, 13 May 2024 (UTC)

Talk:Forest_management#Merge_proposal

(Initiated 17 days ago on 28 April 2024) As the proposer I presume I cannot close this. It was started more than a week ago and opinions differed somewhat. Chidgk1 (talk) 13:46, 10 May 2024 (UTC)

Talk:Press_Your_Luck_scandal#Separate_articles

(Initiated 12 days ago on 2 May 2024) Please review this discussion. --Jax 0677 (talk) 01:42, 11 May 2024 (UTC)

Talk:Agroforestry#Merge_proposal

(Initiated 11 days ago on 3 May 2024) As the proposer I presume I cannot close this. It was started more than a week ago and opinions differed somewhat. Chidgk1 (talk) 13:46, 10 May 2024 (UTC)

Place new discussions concerning other types of closing requests above this line using a level 3 heading

Pages recently put under extended-confirmed protection

Report

Pages recently put under extended confirmed protection (30 out of 7751 total) (Purge) WATCH Page Protected Expiry Type Summary Admin Draft:CaseOh 2024-05-15 02:40 indefinite create Repeatedly recreated Dennis Brown Poot 2024-05-15 00:14 2025-05-15 00:14 edit,move Persistent sock puppetry; requested at WP:RfPP Daniel Quinlan Spore (2008 video game) 2024-05-14 23:39 2024-11-14 23:39 edit,move Persistent vandalism from (auto)confirmed accounts; requested at WP:RfPP Daniel Quinlan Jewish Institute for National Security of America 2024-05-14 06:51 indefinite edit,move Arbitration enforcement Doug Weller Nava Mau 2024-05-14 03:45 indefinite edit,move Persistent disruptive editing: per RFPP; will also log as CTOPS action Daniel Case Andrey Belousov 2024-05-14 03:31 indefinite edit,move Community sanctions enforcement: per RFPP and WP:RUSUKR Daniel Case Category:Hamas 2024-05-13 23:01 indefinite edit,move Arbitration enforcement Izno Sde Teiman detention camp 2024-05-13 20:49 indefinite edit,move Contentious topic restriction: WP:ARBPIA Ymblanter Çankaya Mansion 2024-05-13 14:18 indefinite edit,move Arbitration enforcement, WP:GS/AA Rosguill Second Battle of Latakia 2024-05-13 13:39 indefinite edit,move Arbitration enforcement ScottishFinnishRadish Alien 2024-05-13 13:23 indefinite move lower to semi, time heals; requested at WP:RfPP The Night Watch Shays' Rebellion 2024-05-13 08:08 2025-05-13 08:08 move dang it. Not used to move protection, I guess.... Dennis Brown Chuck Buchanan Jr. 2024-05-13 02:01 indefinite create Repeatedly recreated; requested at WP:RfPP Daniel Quinlan Animal stereotypes of Jews in Palestinian discourse 2024-05-13 01:24 indefinite edit,move Contentious topic restriction: per ARBPIA Daniel Case Michael Ealy 2024-05-13 01:22 2025-05-13 01:22 edit,move Persistent vandalism: racist swinery Drmies Template:Nelson, New Zealand 2024-05-13 00:51 indefinite move Highly visible template that is vulnerable to macron vandalism Schwede66 Hebrew University of Jerusalem 2024-05-12 21:47 indefinite edit,move Contentious topic restriction: per ARBPIA Daniel Case Interracial marriage 2024-05-12 19:14 2024-11-12 19:14 edit,move Persistent sockpuppetry RoySmith Template:FAQ/FAQ 2024-05-12 10:48 indefinite create Repeatedly recreated Justlettersandnumbers User:Arjayay/Rang HD 2024-05-12 10:46 indefinite edit,move Persistent sockpuppetry: WP:Sockpuppet investigations/Rang HD -- requested at WP:RFPP Favonian Rangiya 2024-05-12 09:27 2024-10-16 06:56 edit,move Persistent sockpuppetry: confirmed socks edit the article Ymblanter Vaush 2024-05-12 07:35 indefinite edit,move per WP:CT/BLP Primefac Timeline of the Israeli–Palestinian conflict in January–June 2015 2024-05-12 04:52 indefinite edit,move Arbitration enforcement Johnuniq Later-no-harm criterion 2024-05-12 03:07 2024-06-12 03:07 edit,move Edit warring / content dispute: Protected per a complaint at WP:AN3 EdJohnston Draft:Lewis Raymond Taylor 2024-05-11 20:41 2024-08-11 20:41 edit,move Persistent sock puppetry; requested at WP:RfPP Daniel Quinlan Lewis Raymond Taylor 2024-05-11 20:35 indefinite create Persistent sockpuppetry JJMC89 2024 Kharkiv offensive 2024-05-11 12:11 indefinite edit,move Community sanctions enforcement: WP:GS/RUSUKR --requested at WP:RFPP Favonian Drake (musician) 2024-05-11 09:32 indefinite edit,move Contentious topics enforcement for WP:CT/BLP; requested at WP:RfPP Daniel Quinlan Slovenia 2024-05-11 09:29 2024-05-18 09:29 edit edit wars on the page Tone Timeline of the Israel–Hamas war (7 May 2024 – present) 2024-05-11 03:48 indefinite edit,move Contentious topic restriction: per RFPP and ARBPIA Daniel Case

Please help- who tried to break into my account?

Tracked in Phabricator
Task T193769

Please note that receiving one of these notifications does not mean your account was actually compromised or hacked. You may want to review WP:STRONGPASS and WP:SECURITY to ensure you are doing all you can to protect your account, but you do not necessarily need to reset your password. Beeblebrox (talk) 20:53, 3 May 2018 (UTC)

Can you please find out who tried to break into my account? It worries me. I want to see if it was someone in my area or other. Alex of Canada (talk) 17:35, 3 May 2018 (UTC)

@Alex of Canada: Someone tried three times several hours ago to get into mine. It happens; as long as you have a secure password you should be fine. Home Lander (talk) 17:40, 3 May 2018 (UTC)

This just happened to me, too. It's not unusual, I get one or two a month, and about once a year, someone makes a whole lot of login attempts. Make sure you have a unique password for Wikipedia. Use a password manager if you don't already. Use multi-factor authentication. Consider changing your password if you are worried (or especially if it wasn't unique). I already have these set up on my account so I just ignore the warnings when they come in. You asked to find out who tried to break into your account. That information is not generally available, I'm afraid. --Yamla (talk) 17:41, 3 May 2018 (UTC)

My password is secure, but I'm worried it might be a hacker who will find out how to get into anyone eventually. Alex of Canada (talk) 17:48, 3 May 2018 (UTC)

Best case is to use a unique password here (so if they figure out who you are, can't get into anything else, such as your email) and set up extra measures. A WP:Committed identity would be a good start. Home Lander (talk) 17:53, 3 May 2018 (UTC)

That might be a legitimate worry, but it existed before some person or bot tried to brute-force some Wikipedia accounts. Hacking without guessing the password is a whole different proposition. Related stuff at Wikipedia:Village pump (technical)#two-factor authorization and User talk:Winkelvi#Compromised account attempt. ―Mandruss ☎ 17:54, 3 May 2018 (UTC)

Related discussion at VPT (permalink) with some more detailed information. Seems there's a rash of this today. ~ Amory (u • t • c) 18:04, 3 May 2018 (UTC)

Yep. Two threads at the teahouse on this same subject. Beeblebrox (talk) 18:37, 3 May 2018 (UTC)

Just tried and failed with mine. --SarekOfVulcan (talk) 18:43, 3 May 2018 (UTC)

Recommend that all admins set up 2-factor auth. Andrevan@ 18:49, 3 May 2018 (UTC)

Everyone reviewing WP:STRONGPASS and WP:SECURITY couldn’t hurt either. Beeblebrox (talk) 18:50, 3 May 2018 (UTC)

Me, too (in case anyone is keeping track of admin v non-admin attempts). SandyGeorgia (Talk) 18:59, 3 May 2018 (UTC)

Me too. I already asked a question at WP:Village pump (technical)#two-factor authorization. Martinevans123 (talk) 19:02, 3 May 2018 (UTC)

I had this today as well, but I have break-in attempts on a regular basis, with a record of several hundreds per day (not today though).--Ymblanter (talk) 19:15, 3 May 2018 (UTC)

They must like you. Martinevans123 (talk) 19:21, 3 May 2018 (UTC)

Got an attempt today as well. SQL^{Query me!} 19:20, 3 May 2018 (UTC)

Me as well. Question I should probably know the answer to: can a functionary look up the IP addresses behind these bogus login attempts and implement a technical restriction? Ivanvector (^Talk/_Edits) 19:22, 3 May 2018 (UTC)

Technically, yes. Whether it is allowed by the policy I do not know.--Ymblanter (talk) 19:43, 3 May 2018 (UTC)

Well, if there's a way to determine that an IP is being used for abusive login attempts, autoblocking that IP for 24 hours is probably a good security practice. Wouldn't stop them hacking an account probably but then at least they wouldn't be able to edit. If our policies don't support that then we should change our policies. Ivanvector (^Talk/_Edits) 19:55, 3 May 2018 (UTC)

Me too. Natureium (talk) 19:39, 3 May 2018 (UTC)

First Thursday of every May. Coincidence, perhaps. --NeilN ^{talk to me} 19:18, 3 May 2018 (UTC)

I'm probably the only editor right now that hasn't had attempted account hacks ...... Not sure if that's a good sign or a bad one lol. –Davey2010^Talk 19:32, 3 May 2018 (UTC) Inevitable happened. –Davey2010^Talk 22:25, 3 May 2018 (UTC)

Me too, Davey! --Malcolmxl5 (talk) 21:24, 3 May 2018 (UTC)

• I readily admit I am not the most experienced CU, but I am unaware of how we could look up who attempted and failed at logging in. I’ll ask for further input though in case it’s just something I don’t know about. Beeblebrox (talk) 19:50, 3 May 2018 (UTC)

Good point. So all we need to do is all simultaneously set our passwords to "password* for five minutes and simply track 'em down!!? Martinevans123 (talk) 19:56, 3 May 2018 (UTC)

Yeah, it would take far more access (database?) to determine where this is coming from. If that information is even stored. If this isn't a bot driven thing (which it probably is), then a limiter on logins per IP would be nice as well. Arkon (talk) 20:03, 3 May 2018 (UTC)

• I’ve gotten some response form the other functionaries about this, here’s what we’ve got:

• Currently, CU cannot do this
• There is a phabricator thread about notifying the user of the ip of whoever tried to log into their account. It is approved and being worked on but not functional yet
• There is some indication that this is a specifc banned user already familiar to some of the functionaries so it is possible some action will be forthcoming but I’m not sure wat it will be.

Beeblebrox (talk) 20:24, 3 May 2018 (UTC)

@Beeblebrox: There is a way to check it, but it's on Toolforge. The people that have access to it aren't functionaries but more devs I think. There'sNoTime knows more about it. Dat Guy^Talk_Contribs 09:00, 4 May 2018 (UTC)

• Apparently there have been tens of thousands of failed login attempts over the past few hours. Check this out for some idea of the scope. The back office is aware of this and we cn expect a statement from them in the near future. Beeblebrox (talk) 20:33, 3 May 2018 (UTC)

Thanks for clarifying. Martinevans123 (talk) 20:44, 3 May 2018 (UTC)

• Interesting. I got one of those failed login attempt messages too. I changed my password to something stronger and thought nothing else of it until now. – Muboshgu (talk) 20:36, 3 May 2018 (UTC)

• I just got a notification that somebody get into mine too.--Crasstun (talk | contributions) 20:44, 3 May 2018 (UTC)
• Me too, and User:SPECIFICO. We were also both targeted at Wikipedia yesterday by the same editor, but no idea if there's any connection. That editor also knows my anon Facebook and Twitter accounts. Strange. -- BullRangifer (talk) PingMe 20:52, 3 May 2018 (UTC)

User:BullRangifer You posted it here on WP when you were talking with some IP who then posted it on my talk page because he saw me arguing with you. Someone tried to access my WP account too. Factchecker_atyourservice 02:05, 4 May 2018 (UTC)

Thanks for clearing that up. Let's make sure it doesn't spread. I'll seek a revdel. -- BullRangifer (talk) PingMe 03:18, 4 May 2018 (UTC)

• Happened to me this morning. In a way i'm glad it is not an isolated incident.--SamHolt6 (talk) 21:14, 3 May 2018 (UTC)
• It happened to me too at 14:12 UTC today too. L293D (☎ • ✎) 21:32, 3 May 2018 (UTC)
• You may add me to the list of failed hack targets. I have 2FA enabled so I am not overly concerned about my account security. But I am very concerned about what looks like an orchestrated attack on the project. -Ad Orientem (talk) 22:03, 3 May 2018 (UTC)
• For what it's worth, someone (the same person?) tried to break into my account just a few hours ago. Adam9007 (talk) 22:07, 3 May 2018 (UTC)

+1 - I felt like the odd one out so kinda glad someone attempted it , Jokes aside why is there a huge influx of password resettings ? ... It doesn't seem all that productive .... –Davey2010^Talk 22:25, 3 May 2018 (UTC)

• Happened to me 7 hours ago. Silly culprit; if he was targetting editors with any care, Davey2010 and other big-name users here should have been higher on his priority list than me. No one's ever bothered to try to hack my account before. Sideways713 (talk) 22:48, 3 May 2018 (UTC)
• I got that notification as well, 2 hours ago. theinstantmatrix (talk) 22:57, 3 May 2018 (UTC)

Same here, a few hours ago. GoodDay (talk) 23:26, 3 May 2018 (UTC)

• Could this be related to today being World Password Day? ^Falling_Gravity 23:39, 3 May 2018 (UTC)

• Read up above - I heavily doubt it, since the perpetrator is apparently known to the WMF. As an aside, they tried me as well, but my password's only been strengthened since I was an admin, so they didn't get far. —Jeremy v^_^v ^Bori! 23:47, 3 May 2018 (UTC)

Me too, although I'm pretty sure who tried doing it... Am i famous now?💵Money💵emoji💵^Talk 23:46, 3 May 2018 (UTC)

• For the first time ever, I received notification that someone had tried to log into my account today. I am not an admin. This needs to be investigated.Smeat75 (talk) 00:09, 4 May 2018 (UTC)

• Read the thread above. I'm fairly certain the WMF is already on it. —Jeremy v^_^v ^Bori! 00:11, 4 May 2018 (UTC)

• Russians? ^{[FBDB] Atsme📞📧} 02:11, 4 May 2018 (UTC)

I was waiting for someone to say the Russians :) GoodDay (talk) 02:17, 4 May 2018 (UTC)

• Me too. (And yes, I have two-factor authentication.) Heimstern Läufer (talk) 12:41, 4 May 2018 (UTC)

According to this graph of the Wikimedia User Login Attempts, this account hacking attempt has resumed today and is still continuing, as of this writing. There are a lot more "Throttled logins" today than in yesterday's attacks, which now appears to comprise the vast majority of the latest attack wave. (And yes, this LTA/hacker took a swipe at my account yesterday and a couple more times today.) This is getting ridiculous. LightandDark2000 (talk) 23:30, 4 May 2018 (UTC)

I suspect this attack may have something to do with the recent Twitter password leak [1]. Is it possible that someone has got a copy of this "internal log" and has now got a botnet trying to find Wikipedia accounts that match the Twitter ones? (Yes, I got an attempt against my account too, and no, the other QuietOwl on Twitter is not me, I don't use this username anywhere else, or any social networking site, for that matter.) QuietOwl (talk) 02:48, 5 May 2018 (UTC)

Okay, this time, the next attack wave is longer than the first one, and it's still ongoing right now. This can't be a good sign. LightandDark2000 (talk) 06:34, 5 May 2018 (UTC)

A graph depicting the duration and scale of the mass account-breaking attempts in May 2018.

I've added a picture of the graph depicting the mass-cyberattack attempts. I estimate that at least 400,000 accounts may have experienced some attempt to break in. It should be noted that this is the largest account-hacking attempt that Wikimedia has experienced at least in the last 5 years (possibly the largest such attack ever). I also noticed today that the attacks seemed to have stopped. I wonder what happened to the hacker. What's keeping him? ;) LightandDark2000 (talk) 06:22, 6 May 2018 (UTC)

Today, only 30 minutes ago, someone (probably the same hacker) tried to break into my account 3 more times. I guess it must have something with me uploading the picture. Though I already hardened my password 2 more times, so it won't really help them at all. What in the hell is wrong with this person? The WMF seriously needs to block the access for the IP network responsible; at least Globally Rangeblock the IP if it will help. LightandDark2000 (talk) 19:56, 6 May 2018 (UTC)

Oh, God, they're doing it again! This time the attacks are almost entirely "login throttles". Seriously? Someone needs to block off the IP network hosting the attacks, or at least add in some new firewall rules to Wikimedia Foundation computers if this is some kind of offline attack. LightandDark2000 (talk) 10:40, 7 May 2018 (UTC)

What does "login throttled" mean? Natureium (talk) 16:48, 7 May 2018 (UTC)

I have same problem. Someone is trying to hack my account Lado85 (talk) 08:24, 8 May 2018 (UTC)

I have a suggestion (i am not an admin but thought i'd comment). My account hasn't been targeted (yet), but if it ever does, they won't get very far, my password is not even a word or phrase maybe others should follow suit with their password being a "random" combination of letters and numbers. Lavalizard101 (talk) 11:39, 8 May 2018 (UTC)

PSA: Admins should enable two-factor authentication

As an additional security measure, admins and editors with similar permissions can (and should) use Special:Two-factor authentication to prevent account hijacking. Sandstein 21:51, 3 May 2018 (UTC)

• (edit conflict)I would gladly use 2FA (and I was also the subject of a hack attempt) if the code was emailed, in addition to (or instead of) being sent to a mobile number. We have a cell phone but it's usually off, but my email is generally available. I may not be the only admin in a similar situation. Miniapolis 22:51, 3 May 2018 (UTC)
  • The code is not send to the mobile phone, it's locally generated (based on time and a secret key) by an app on the phone. I don't know if it works for your use case, but you don't need to have the phone on (except for the very moment of login) or even online. --Stephan Schulz (talk) 18:51, 7 May 2018 (UTC)
    • Miniapolis YMMV depending on which service you use, but authy has desktop clients for macOS and Windows as well. ~ Amory (u • t • c) 21:16, 7 May 2018 (UTC)
• I really really do not agree, Sandstein. We've had several cases of admins, including technically savvy admins, who have been in despair because they lost their whatsits — I don't remember what they're called — some magic formulas that you need for your account when you have two-factor authentication — and apparently the magic gets lost every time you get a new phone. Ouch. Eventually, after much stress, these people have been rescued through being able to e-mail people who can vouch for them because they recognize the way they talk. (Hello, Jehochman, hope your account is OK these days.) People who habitually edit from internet cafes or library computers, or who have a mischievous twelve-year-old or a hard-drinking sister-in-law around the house, may possibly need the system, but everybody else had much better instead get a really strong password and not use that password anywhere else. In my opinion. Bishonen | talk 22:57, 3 May 2018 (UTC). (PS: And yes, I've had the attempts today and so has Bishzilla. Considering the numbers of people who have, I find it hard to believe WWII editors have been singled out.) Bishonen | talk 23:02, 3 May 2018 (UTC).

You're both right, to some degree. Bish, the magic you're thinking of is a scratch code (I'm not sure if that's what our implementation calls it) and it is just a plain text code that you're supposed to keep somewhere safe, so that if you do lose your authentication device (i.e. get a new phone) then you can use that code to reset your 2FA and re-implement it on your new device. If you lose your password AND your device AND those codes AND nobody can vouch for you, then yeah, you're fucked, but that's a lot of concurrent failures. If I remember right, when you enable 2FA here the codes you need are all displayed on the screen (you scan a QR code and the scratch codes are plain text), not sent by text or emailed or whatever. Maybe that depends on what authenticator you use. Ivanvector (^Talk/_Edits) 23:07, 3 May 2018 (UTC)

• <<ec>>What Bishonen said. Every time I read the instructions my blood runs cold. With the two factor authentication I have w/ my bank and emails, there is a backup and authentication involves sending a request to my phone. The process here sounds dangerously complicated, and the grater risk is that I lose my whatsit.--Dlohcierekim (talk) 23:09, 3 May 2018 (UTC)

Is it true that once you do this there's no going back? I don't want to do something irrevocable. And I have a strong password.--Dlohcierekim (talk)

No, not at all, you can turn it off any time as long as you have access to your account. I get that we're still calling it "beta", but I turned it on the day my RfA closed, and I've never had a problem. Ivanvector (^Talk/_Edits) 23:22, 3 May 2018 (UTC)

Blood-chillingly complicated is right, Dlohcierekim. And it sounds to me like the whole log-in operation, otherwise so smooth, gets much more fiddly with 2FA, every time you do it. That's quite a problem for people with a lot of socks![2] Bishonen | talk 23:30, 3 May 2018 (UTC).

Not by much, no, there's one extra step. The squirrel still gets in just fine. Ivanvector (^Talk/_Edits) 23:49, 3 May 2018 (UTC)

• I use Authy (authy dot com) for my 2FA here. It allows one to use multiple devices as well as back up the seed. There is a slight security hit since more than one device can be used but for me it is worth it to remove the single point of failure. Jbh ^Talk 23:45, 3 May 2018 (UTC)
• I have to say I was intimidated by it at first as I am not super technically minded but once it is set up it is remarkably easy to use, and I made sure I have those scratch codes in a safe place in case I ever need them. Beeblebrox (talk) 00:19, 4 May 2018 (UTC)
• I actually am a techie person, but I do agree that the instructions and setup appear intimidating. But once it is set up, 2FA really is easy to use. Enter your password as usual, then it asks for a number. Open the app on your phone/tablet/whatever, and it displays a number. Type in that number. And as long as you do remember to record the original scratch codes somewhere, the whole thing can always be reset in the event of a disaster. As for login attempts, I've had one rather than the multiple attempts that many are getting - presumably it stopped at the first 2FA challenge. Boing! said Zebedee (talk) 08:55, 4 May 2018 (UTC)
• I use 2FA, but as someone who seems to drop or otherwise break their phone at least once per year, I agree with others that the way 2FA works is a royal pain in the neck. If I'm unable to access my old device, I have to (a) find where I wrote down the scratch codes (b) use one to login & disable 2FA (c) re-enable 2FA with the new device and (d - and this is the worst bit) write down a whole new set of scratch codes. If you've lost your scratch codes, you are basically screwed and are looking at registering a new account and convincing anyone who will listen that the two are connected. Committed identity helps with this - but of course you have to be able to find the file you used to create it. Things that would help with this situation are (a) only generate a new set of scratch codes when a user requests it or when the last one is used, not every time 2FA is enabled, so that at least you don't have to write down a whole new set every time you use one and (b) have some back up way of resetting authentication on the account. The latter would involve the WMF holding some way of getting in touch with you or proving your identity. I guess for people who have identified to the WMF this is already possible; otherwise, of all the websites I use, enwiki is the one where it is hardest to recover your account - and it seems it is often impossible. I thought there was a phab ticket to improve this situation, but I can't find it just now (fun diversion: try searching '2FA' on phab and you'll see how many people have difficulties with it - it seems that at least sometimes it is possible to convince the devs to twiddle bits). GoldenRing (talk) 11:20, 4 May 2018 (UTC)

Been a long time crossing the Bridge of Sighs

• Two factor authentication, as implemented on Wikipedia, is farkakt. Jehochman ^Talk 18:12, 4 May 2018 (UTC)

  gesundheit--Dlohcierekim (talk)

• Regarding losing scratch codes - does no one else use a cloud storage or cloud backup service? --NeilN ^{talk to me} 20:08, 4 May 2018 (UTC)

  negative. I consider nothing in the cloud or otherwise online secure.--Dlohcierekim (talk) 20:09, 4 May 2018 (UTC)

• @Dlohcierekim: Sigh. ^{[citation needed]}... --NeilN ^{talk to me} 20:14, 4 May 2018 (UTC)

Psssst, Neil...be careful not to use too many *sighs* ^{[FBDB] Atsme📞📧} 20:38, 4 May 2018 (UTC)

Hidden Tempo? Is that like a Ford Tempo but with a quieter engine? Martinevans123 (talk) 08:21, 5 May 2018 (UTC)

PSA: Admins might be better off with a long passphrase rather than two-factor authentication

Just so you know, not everyone agrees that 2FA is a magic bullet.

https://www.economist.com/blogs/economist-explains/2017/09/economist-explains-9

https://www.schneier.com/blog/archives/2016/08/nist_is_no_long.html

https://krebsonsecurity.com/2016/09/the-limits-of-sms-for-2-factor-authentication/

https://www.theverge.com/2017/7/10/15946642/two-factor-authentication-online-security-mess

I'm just saying. --Guy Macon (talk) 20:03, 4 May 2018 (UTC)

• Just as a reminder, users with advanced permissions are required by WP:STRONGPASS to have a strong password anyway. 2FA is just another option to strengthen account security. Beeblebrox (talk) 20:08, 4 May 2018 (UTC)

  @Beeblebrox: Personally, I don't understand why the (not particularly strict, IMHO) requirements for privileged users don't apply to all users. Nearly every insignificant forum on the web has stricter password requirements than Wikipedia, for heaven's sake! Gestumblindi (talk) 14:26, 5 May 2018 (UTC)

@Gestumblindi: The reason is simple: consensus was against it when the policy was developed. The reasoning was that it might discourage new users. Beeblebrox (talk) 18:14, 5 May 2018 (UTC)

@Beeblebrox: I remember, but consensus might change. Maybe it's now the time for proposing slightly stricter requirements more similar to those customary anywhere else on the web? I don't get the "it might discourage new users" reasoning - after all, people should be well accustomed to having to use reasonably strong passwords by now. As it is, the password requirements for regular users are extremely and most unusually low, and the requirements for admins are still rather below standard. Gestumblindi (talk) 18:31, 5 May 2018 (UTC)

• Hopefully 20 bytes is enough.--Dlohcierekim (talk) 00:58, 5 May 2018 (UTC)

20 characters is almost certainly enough. A password that meets the requirements set forth in STRONGPASS (8 characters) will be broken by an offline password-guessing program in under a minute.[3][4][5][6][7] --Guy Macon (talk) 01:33, 5 May 2018 (UTC)

Only if the Mediawiki software doesn't throttle login attempts (I'm pretty sure it does, given the "throttled logins" category in the charts above) or the attacker has access to the raw password hashes and the salts (and the passwords are stored using a low number of hash iterations). Even at 1000 guesses per second, 8-characters with one uppercase letter and one digit would take 7000 years to crack. --Ahecht (TALK
PAGE) 16:08, 10 May 2018 (UTC)

• It should be noted that most of those articles are about 2FA using SMS codes, or using such SMS codes as backups for the type of 2FA we have. Neither of which we do for that exact reason. Which is also the reason you are so screwed on this site if you loose your scratch codes AND your phone. However I agree that having a 20 character password that you only use on en.wp is probably more important than having 2FA. But I use 2FA on ALL my accounts wherever I can, and because i use it for so many services, it has stopped being bothersome. —TheDJ (talk • contribs) 09:11, 5 May 2018 (UTC)
• Yup. Make sure it passes the dictionary attack though. rhin0cer0usstransgal4cticdifferential is easier to remember and just as good as 25 characters of random gibberish. ^{cinco de} L3X1 ◊distænt write◊ 13:13, 5 May 2018 (UTC)
  • The passphrase Rhinoceros transgalactic differential. (with the initial capitalization and the ending period) is stronger still. Even better would be "My rhinoceros has a transgalactic differential." -- harder for a computer to crack and easier for a human to remember; just remember that it is a valid sentence using standard English spelling and grammar. Replacing o with 0, a with 4, etc. just makes it harder to remember without adding much in the way of difficulty for a password guessing program. --Guy Macon (talk) 20:26, 5 May 2018 (UTC)

Source on that. The few times I've had to turn my previous laptop into a wireless router (long story), the password was something like "screwoffyoucommiespybastardsthisismygoddamnwifi" or similar full sentences.

Now, it still needs to be multiple words, because single words are not a problem for dictionary attacks. Ian.thomson (talk) 20:55, 5 May 2018 (UTC)

User:Guy Macon: Re A password that meets the requirements set forth in STRONGPASS (8 characters) will be broken by an offline password-guessing program in under a minute. - Does WikiMedia not have, or could they not develop, a system where three (or so) failed attempts to log in to an account, lock the account? For a comparable example, if someone tries to use an ATM card and puts in an incorrect code three times, on the third try the ATM will eat the card. Couldn't WikiMedia have some way of locking an account after three (or X number to be decided) failed attempts at entering the password? --MelanieN (talk) 01:31, 6 May 2018 (UTC)

• So you first lock all the admin accounts, then you go vandalize at will. This would work well. Remember, everything can be gamed, and this plan is game-able in two seconds flat. The reason teh ATM example works is because someone already has your card. Courcelles (talk) 01:36, 6 May 2018 (UTC)

  Actually, I am pretty sure the number of attempts per minute is limited (and not to 10^10), but I do not remember where I have seen this and what the number actually is.--Ymblanter (talk) 07:13, 6 May 2018 (UTC)

I think there is some form of rate limiting although I don't know the details. I'd note a system which completely locks an account after 3 tries requiring some sort of reset is open to abuse since it means people who want to annoy an editor can keep locking their account. Nil Einne (talk) 16:40, 6 May 2018 (UTC)

(If the following is too long for you, just read https://xkcd.com/936/ and https://xkcd.com/538/ ).

Every time I have looked into the nuts and bolts of how the WMF does security, it has always, without fail, turned out that they do it right, so I am not even going to bother finding out how they stop an attacker from either making millions of guesses per second or being able to lock out an admin by trying to make millions of guesses per second. Clearly the WMF developers read the same research papers that I do.

That being said, as explained at Kerckhoffs's principle#Modern-day twist, while doing things like rate limiting are Very Good Things, we are not to rely on them. We are to assume that the attacker knows every byte of information on the WMF servers (and in fact the attacker may actually be someone who has knows every byte of information on the WMF servers -- If a nation-state offered a key WMF employee millions of dollars if he complied and made a credible threat to torture and kill his family if he didn't, there is a 99%+ chance that they would end up knowing every byte of information on the WMF servers.)

The WMF does not store your passphrase anywhere. When you enter it it a cryptographic hash is performed and the result compared with a stored hash. This means that an attacker who knows every byte of information on the WMF servers can perform a high-speed offline passphrase-guessing attack, but cannot simply look up your passphrase and use it to log on. So according to Kerckhoffs's principle, you should choose a passphrase that is easy to remember and hard for a high-speed offline passphrase-guessing program to guess. I will call that that "Macon's principle" so that I don't have to type "choose a passphrase that is easy to remember and hard for a high-speed offline passphrase-guessing program to guess" again and again.

Bad ways to follow Macon's principle

• Passwords instead of passphrases (single words instead of strings of words with spaces between them).
• Random gibberish.
• Short passwords or passphrases. 8 is awful, 16 is marginal, 24 is pretty good, 32 is so good that there is no real point going longer.
• Character substitutions (Example: ch4r4ct3r sub5t|tut10ns)

Good ways to follow Macon's principle

• Use a standard English sentence with proper grammar, spelling, and punctuation.
• Make it longer than 32 characters and have it contain at least three (four is better) longish words plus whatever short words are needed to make it grammatically correct.
• Make sure that sentence has never been entered anywhere on your hard drive (including deleted files) or on the internet. "My Hovercraft Is Full of Eels" is bad because a dictionary that contains every phase used in Monty Python's Flying Circus would find it.[8]
• Make it meaningful, easy to remember, and something that generates a strong mental image.
• Make it meaningful to you, but unguessable by others (don't use your favorite team, first kiss, mother's maiden name, etc.)

An example of a good passphrase that follow Macon's principle would be:

 Sherwood painted his Subaru pink so that it would blend in with his flamingos.

(This assumes that you actually know someone named Sherwood and that he owns a non-pink Subaru. Replace with a name/car from among your acquaintances)

That's 78 characters that nobody in the history of the earth has ever put together in that order until I just wrote it. Typos really stand out (Sherwood paibted his Subaru pink so that it would blend in with the Flamingos) and are easy to correct. The sun will burn out long before the fastest possible passphrase-guessing program completes 0.01% of its search. And yet it would be far easier to remember than the far easier (for a computer) to guess BgJ#XSzk=?sbF@ZT would be. --Guy Macon (talk) 18:16, 6 May 2018 (UTC)

I feel there is some confusion in this thread around password security I'd like to clear up:

• re MelanieN: Guy Macon is referring to an "offline" attack, which is a fancy way of saying how long it would take if the attackers found a way to bypass all rate limiting and had a copy of the password file from WMF's servers. In an "online" attack (When somebody tries to login via Special:userlogin many time), rate limiting does come into play. Currently the rate limit is set to at most 50 in five minutes (Which honestly, is a little on the high side for a short term limit) [Edit: I was reading the wrong page, its actually 5 tries in 5 minutes], and no more than 150 tries in a 2 day period. Long before the hard limit comes into play, there is a soft limit where people need to enter a captcha in order to continue logging in. Of course we also record whenever their is a failed login and may take manual action if it appears an attack is happening.
• re WP:STRONGPASS - the requirement for admin passwords enforced by the system is a minimum requirement, largely aimed (at least in my opinion) to prevent an online attack. People are of course encouraged to use even stronger passwords. The passphrase method Guy Macon mentions is one good way of generating strong passwords. Another popular method is to use a password manager to manage your random passwords for you. In addition to using a strong password, it is vitally important to use a unique password. It is much more common for attackers to get your password from other websites than it is for them to brute-force it.
• re 8 character random password cracked in minutes. I don't think that calculation is correct. If we assume a random 8 character password (And I mean truly random, e.g. generated via dice or a password manager, not randomly chosen by a human as humans are terrible at randomly choosing a password), that's about 4048 bits of entropy. Based on [9] we have about 2301200000 hashes/sec and we're using 128000 rounds PBKDF-sha256. 2^(6*8)*128000/23012100000 ≈ 1565645769 seconds = 49 years. That said, longer passwords are much better, and most people are very bad at picking random passwords. Of course, if your 8 character password is '12345678' it will be cracked in milliseconds. In any case, I'd still highly highly recommend a password longer than 8 characters. BWolff (WMF) (talk) 21:09, 6 May 2018 (UTC)

  My first password was the name of a fictional place. The, a number, then a combination. Now its a 15+ keystroke monster that requires hints. So far, I've stayed ahead in this Red-Queen's race.--Dlohcierekim (talk) 22:29, 6 May 2018 (UTC)

• No, and I don't care what anybody else thinks. "Use a standard English sentence with proper grammar, spelling, and punctuation." assumes there is a "standard English". English spelling, phrases and punctuation tends to vary by country, and often by personal background. Also, not everybody participating on English Wikipedia has English as a first-language. And God forbid anybody's account gets compromised, and they have to not panic long enough to type out the sentence. Not everybody has the same abilities, either technological or mental. I personally have encountered users (plural) who have motor skill limitations, and/or physical limitations, that would make this difficult on them. Not all users have the same level skill or abilities at anything. Please do not make it worse for people struggling already. — Maile (talk) 21:27, 6 May 2018 (UTC)

• I believe that you missed the point. Use what you consider to be a standard English sentence with proper grammar, spelling, and punctuation. If, you, overuse, commas, and, kant, spel, that's fine as long as you do it the same way every time. And if you are better at Spanish, use what you consider to be a standard Spanish sentence with proper grammar, spelling, and punctuation. If you are handicapped in such a way that you cannot type the same thing every time, sorry, but you are hosed on any system that requires a username or password. My advice also doesn't work if you are in a coma or are Amish and not allowed to use a computer. None of this applies to the discussion at hand, which is advising administrators on the English Wikipedia regarding passphrases. None of them are unable to type a standard English sentence the same way every time. --Guy Macon (talk) 07:21, 8 May 2018 (UTC)

The advice to use standard English is usually meant as Don't use abbreviations or misspellings in your password because that doesn't make your password any harder to break. If you are using the, "use a long sentence as a passphrase method", you should spell out your long sentence in whatever way you normally write. The downside to the long sentence method is that it can be difficult to enter such a long thing into a password box (even if you don't have motor skill/physical limitations, but obviously its much harder for people who do have such limitations). For people who have difficulty entering long passwords, probably the best approach is to use a password manager program, which means you don't have to enter the password at all as the program takes care of it for you. Password managers are an approach that I personally would recommend in general as being the easiest way to have a secure password. BWolff (WMF) (talk) 21:54, 6 May 2018 (UTC)

U wot, M8? Standard English ya say? That'd limit me choises, now woulden' it?--Dlohcierekim (talk) 22:33, 6 May 2018 (UTC)

I use a password manager, but I still need to remember the passphrase to get at all the other passwords in the password manager. --Guy Macon (talk) 22:37, 6 May 2018 (UTC)

No need to do the math. Steve Gibson has done it for us. See [ https://www.grc.com/haystack.htm ].

The calculation is done locally, using Javascript, so the password doesn't leave your computer. To be extra safe, try

• HZn?m+jW
• PhBixXL4
• qza7nm3g
• pgupwmxn
• 54606559

as your 8-character test password.

I just generated the above from my atomic decay true random number generator, set to chose from:

• The 95 ASCII printable characters (0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ `~!@#$%^&*()-_=+[{]}\|;:'",<.>/?)
• The 62 ASCII a-z/A-Z/0-9 characters (0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ)
• The 36 ASCII a-z/0-9 characters (0123456789abcdefghijklmnopqrstuvwxyz)
• The 26 ASCII a-z characters (abcdefghijklmnopqrstuvwxyz)
• The 10 ASCII 0-9 characters (0123456789)

BTW, an 8x Nvidia GTX 1080 system is pretty low powered for this. If you want to read the details, see [On the Economics of Offline Password Cracking - Purdue CS].

Key quotes:

"Nevertheless, our analysis suggests that even PBKDF2-SHA256 with 100,000 hash iterations is insufficient to protect a majority a user passwords [from an offline attack]"

"Bonneau and Schechter observed that in 2013, Bitcoin miners were able to perform approximately 2^75 SHA-256 hashes in exchange for bitcoin rewards worth about $257M. Correspondingly, one can estimate the cost of evaluating a SHA-256 hash to be approximately $7 x 10^-15."

Or, we can just skip the math and see what happens when we try "Sherwood painted his Subaru pink so that it would blend in with his flamingos." on the GRC calculator. The time to crack goes from 27.57 seconds to 10.05 million trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion centuries. --Guy Macon (talk) 22:37, 6 May 2018 (UTC)

I feel so inadequate, now. Mine would only take 100 trillion years!--Dlohcierekim (talk) 23:06, 6 May 2018 (UTC)

...and that's only if the attacker is really unlucky. On the average, he will be able to crack your account in a mere 50 trillion years, while I will be sitting back with my 64-character passphrase and 12 million trillion trillion trillion trillion trillion trillion trillion trillion centuries cracking time. Or until someone decides to beat it out of me...[10] --Guy Macon (talk) 08:21, 8 May 2018 (UTC)

@Guy Macon: Thanks for the link to that paper - I hadn't read it before, and their password cracking economic model is quite interesting. However, I'm unsure about the assumption that password crackers have access to ASICs similar to bitcoin miners - ASICs are very costly to develop (hundreds of millions of dollars up front cost). As far as I am aware, nobody has publicly made (let alone publicly sells) such machines, so the adversary would have to be very well funded in order to develop them. ASICs are way out of my knowledge area - but some googling also suggests that password cracking with ASICs might be difficult for a dictionary attack due to bandwidth limitations on transferring candidate passwords to the ASIC (That of course would not apply to a brute force attack), so even if an ASIC was developed its unclear it would be as useful as they are in the bitcoin case. As for the GRC calculator - its very hard to give accurate estimates of password strength as there are many factors and assumptions you have to make. First of all, since it is a generic calculator, it wouldn't take the key stretching we use at wikimedia into account. On the other hand, it was published in 2012 and password crackers have gotten faster since then (e.g. The 8x Nvidia is what I would describe as an "Offline Fast Attack Scenario", and is 10x faster than what the GRC page describes for that strategy). More importantly, that page only describes a brute force attack, where most adversaries would probably try a dictionary attack. For example, the password "dolphin" (Which by some measure is the 347'th most popular password [11]) according to GRC would take 3 months in an online attack scenario, where in reality it would fall in less than a second since its the 347th most popular. Similarly, the GRC page lists 'aaaaaaaaaaaaaaaaaaaa' as being a good password, which I would disagree with. All this however is kind of getting far afield, and I do agree with your advice that longer passwords are better and having a longer password is more important than having a complex password (unless your password is super obvious as that's not good either). BWolff (WMF) (talk) 00:28, 8 May 2018 (UTC)

Thanks! I agree with pretty much everything everything above. The GRC website also agrees (see the "IMPORTANT!!! What this calculator is NOT..." section.) I probably should have talked more about dictionary attacks. My collection of cracking dictionaries is getting big enough that I will likely have to buy a bigger drive to hold them soon. (No, I am not a malicious hacker. Some companies hire me to evaluate their security. Or at least that's the story I am telling now... :) )

Any decent dictionary attack will try "a" "aa", "aaa" up to at least 64 repetitions, and will als try "b", "bb", "bbb", etc. The good news is that if you use two words in that big cracking dictionary separated by a space, the time for an exhaustive search is squared, and with three it is cubed. The example I made up above "Sherwood painted his Subaru pink so that it would blend in with his flamingos." has 14 dictionary words. Even if the dictionary was really tiny (say, 1000 words), that's 10^42 guesses. And such a dictionary is unlikely to contain "Sherwood" (with the capitalization) "Subaru", or "flamingos." (with the trailing period).

Regarding ASICS, the zipfs paper correctly concludes "an attacker who is not willing to pay to fabricate an ASIC could obtain similar performance gains using a field programmable gate array (FPGA)". The really interesting question that the zipfs paper cannot answer is this; how much is it worth to get every password for every Wikipedia user and not have the WMF detect this for a couple of years? Is it worth more or less than the Yahoo or AshleyMadison breaches? Is it worth ordering custom ASICS? Hard to tell.

BWolff (WMF), I have a couple of interesting questions for the WMF.

[1] The zipfs paper says "Many breaches (e.g., Yahoo!, LinkedIn, Dropbox) remained undetected for several years." What would happen if we suddenly found out that a couple of years back someone had cracked every Wikipedia password, from Jimbo down to the huge number of accounts that registered years ago and haven't logged on since? Obviously we tell everyone to pick a new password, but how do we know that the person doing the picking isn't an attacker? I assume that we have a plan in place for this and other unlikely disasters.

[2] Has anyone at the WMF evaluated the zipfs paper's advice about either memory hard algorithms or distributed authentication servers? --Guy Macon (talk) 08:21, 8 May 2018 (UTC)

( ...Sound of Crickets... ) --Guy Macon (talk) 15:12, 10 May 2018 (UTC)

I assume that an attacker as stubborn as this has a lot of resources. Perhaps as much as a nation state or intelligence agency. Don't know motive, but we live in interesting ties. The bottom line is, are there additional steps I/any user can take (20 byte password) to protect my account?-- Dlohcierekim (talk) 16:06, 10 May 2018 (UTC)

It looks like a goal of this particular attacker (who also might be the same person who tried to subscribe en masse to various mailing lists) was not to break in any of the account, but more to create the state of uncertainty so that people start getting worried about the security of their accounts.--Ymblanter (talk) 16:39, 10 May 2018 (UTC)

Re Guy Macon: In the event of a disaster of that type (which I hope never happens) - the most fundamental step would be marking everyone's password "expired" which forces the user to change their pass next login, and notifying everyone to change their password asap. Beyond that would depend on the details of the situation, but if we believed the passwords were floating out there we might for example require people to submit a code emailed to them to prove that the person also controls the email. In regards to memory hard hash functions - last time we evaluated hash functions (and chose pbkdf) was quite a long time ago when the ecosystem of memory hard hash funcs were much newer and less mature than it is now. Its always good to reevaluate choices at regular intervals, perhaps we will consider other hash functions in the future. As for distributed auth servers - it doesnt make sense in our current architecture and would be difficult to implement as things currently stand. There are probably other projects that have a better effort vs value proposisition. As far as the idea goes in general - if you have multiple identical distributed auth servers im not sure how much of an improvement that is since if someone can compromise one they can probably compromise the others (as they are identical). BWolff (WMF) (talk) 22:35, 10 May 2018 (UTC)

Account hacking of World War II editors?

Hello all, something is definitely afoot at the Circle K. I am seeing some reports about people who edit World War II articles having attempts made by someone to access their accounts. User:LargelyRecyclable alerted two other World War II editors of this problem [12] and just this afternoon the Wikipedia system alerted me that someone had tried to log into my account multiple times from a new location. On top of it all, there was a strange occurrence a few weeks ago, where someone impersonating an administrator called my job and asked I be "investigated" for my World War II related work on Wikipedia. User:Kierzek and I are both well known WWII editors and I wonder if others are having these experiences too. I changed my password this afternoon, I would encourage others to do the same if they are being affected by this. The most troublesome thing is that the group making mention of this are all World War II history editors, which is why I brought it up here. If for no other reason, then just to alert the powers-that-be that something is going on. -O.R.^Comms 21:43, 3 May 2018 (UTC)

I can confirm an attempt was made on mine. As mentioned on the linked discussion above, I suspect that Prüm was successfully compromised. I'm not sure when exactly it happened but some of the implications of the comments the account left at ArbCom are very worrisome. That someone called your work is also a very serious issue. This seems to be targeted and possibly related to the ArbCom case. LargelyRecyclable (talk) 21:50, 3 May 2018 (UTC)

This is probably unrelated, as it has been almost five years since I edited anything related to WW II, but I received notice of someone trying to log into my account from another computer today, and someone left a comment on my user talk page in the Arabic Wikipedia, which I have never touched. Donald Albury 21:56, 3 May 2018 (UTC)

See this thread. I don't think is World War II-related, it's someone trying to hack into a great many unrelated accounts. -- Euryalus (talk) 21:59, 3 May 2018 (UTC)

(edit conflict) There's a thread about these hijacking attempts about two sections up. It's been going on all over, all day. It doesn't appear to be targeted at any one group or subgroup that anyone can tell so far. ♠PMC♠ (talk) 22:00, 3 May 2018 (UTC)

(edit conflict)I have not had any issues, so far, but given the current atmosphere, so to speak, I am not surprised. Kierzek (talk) 22:01, 3 May 2018 (UTC)

(edit conflict) It may be a site-wide attempt and not targeted, I've seen similar concerns above. The additional facets of O.R. having his worked called specifically about WWII editing and comments made with the Prum account at ArbCom may be unrelated but I'd still advise additional caution for any editors who've done work in that area. LargelyRecyclable (talk) 22:01, 3 May 2018 (UTC)

Just notified of a failed attempt on my account. Cinderella157 (talk) 22:08, 3 May 2018 (UTC)

I also had a failed attempt, as did another member of WP:Indigenous. Other user is not an admin, both attempts failed. Checking with other admins who did not have attempts made. There may be a pattern with targeting wikiprojects and those who edit in controversial areas. Or it could be random. I lean slightly to the former, but no hard evidence yet. - CorbieV ^☊ ☼ 22:20, 3 May 2018 (UTC)

It's random. I barely edit and I just got a failed attempt. Valeince (talk) 23:04, 3 May 2018 (UTC)

Me too., and I'm not involved in any of the projects mentioned above. It seems to be some kind of wide-ranging attack. Coretheapple (talk) 23:15, 3 May 2018 (UTC)

• Yep, I had an attempt about 9hours ago. I've changed my password, which was decent, to a much stronger one. Blackmane (talk) 23:21, 3 May 2018 (UTC)

Likewise. ♦ J. Johnson (JJ) (talk) 23:22, 3 May 2018 (UTC)

• I just got notified there was a failed attempt to log into my account. — Maile (talk) 23:25, 3 May 2018 (UTC)
• I'm all buy quiescent these days in terms of editing and I got an alert as well. Obviously someone working through a list, though whether it's admins or something else... Tabercil (talk) 23:36, 3 May 2018 (UTC)
• Again, everyone, there were over 70,000 attempted logins per hour for several hours. Basically, they tried to reset the password of everyone. Beeblebrox (talk) 00:09, 4 May 2018 (UTC)
• This also came up at the help desk (where I mentioned that an attempt had been made on my account too), although that discussion has apparently been closed to try to centralize discussion here. The attacks are on far more than just World War II editors. I don't know where Beeblebrox's 70,000 figure is coming from, but I wouldn't doubt it. Master of Time (talk) 00:18, 4 May 2018 (UTC)

The number comes from the WMF. I have been told they are releasing some sort of statement about this soon. [13] Beeblebrox (talk) 00:22, 4 May 2018 (UTC)

Statement from WMF

Just noting here that the Wikimedia Foundation has sent a statement out to the wikimedia-l mailing list: [14]. Mz7 (talk) 00:30, 4 May 2018 (UTC)

Full text of statement

Hello, Many of you may have been receiving emails in the last 24 hours warning you of "Multiple failed attempts to log in" with your account. I wanted to let you know that the Wikimedia Foundation's Security team is aware of the situation, and working with others in the organization on steps to decrease the success of attacks like these. The exact source is not yet known, but it is not originating from our systems. That means it is an external effort to gain unauthorized access to random accounts. These types of efforts are increasingly common for websites of our reach. A vast majority of these attempts have been unsuccessful, and we are reaching out personally to the small number of accounts which we believe have been compromised. While we are constantly looking at improvements to our security systems and processes to offset the impact of malicious efforts such as these, the best method of prevention continues to be the steps each of you take to safeguard your accounts. Because of this, we have taken steps in the past to support things like stronger password requirements,[1] and we continue to encourage everyone to take some routine steps to maintain a secure computer and account. That includes regularly changing your passwords,[2] actively running antivirus software on your systems, and keeping your system software up to date. My team will continue to investigate this incident, and report back if we notice any concerning changes. If you have any questions, please contact the Support and Safety team (susawikimedia.org). John Bennett Director of Security, Wikimedia Foundation

General Advice from a Non-Admin

My advice, both to non-admins who can't use two-factor authentication, and to admins, who can use it, is simply to check your User Contributions regularly and make sure that they are all your own. If so, your account has not been compromised, and if your password is strong, it is not likely to be compromised. Robert McClenon (talk) 01:21, 4 May 2018 (UTC)

This really seems more like a really elaborate troll than a genuine attempt at compromising tens of thousands of accounts. Just look at how much discussion, verging on panic, it has generated. I’m sure whoever made the bot tht did this is very pleased with themselves right now. Beeblebrox (talk) 01:34, 4 May 2018 (UTC)

Should this all be rev-delled under DENY? L3X1 ◊distænt write◊ 02:04, 4 May 2018 (UTC)

(edit conflict)Having a Wikipedia:Committed identity isn't a bad idea if you might ever have to recover your account. Additionally - I believe editors whom are admins on any wikimedia wiki can enable 2FA. SQL^{Query me!} 01:34, 4 May 2018 (UTC)

No, the attempt is likely a serious attempt at gaining credentials. If a hacker logs into User:Example's account, and User:Example reuses their username somewhere else (example@hotmail.com) with the same password, they can be royally screwed. The usurpation of Wikipedia identify is most likely not what they are after and the leaset of your worries if that happens. E.g. if it's a dummy email, no really consequence comes of it. But if you use that email to conduct every day business, your banking, have sensitive information, etc... well the people involved would now have access to that, and use that new information to further acquire other information and credentials. Headbomb {t · c · p · b} 04:09, 4 May 2018 (UTC)

SQL is correct, an editor who is an admin on any wiki can enable/disable 2FA on their account. I've been experiencing attempts to access my account for over a week now and I have enabled 2FA through being an admin at test wiki. -- Dane ^talk 05:31, 4 May 2018 (UTC)

A strong password is the solution. If you are mostly editing from one place (say home) just write on a piece of paper a random combination of characters, 25 characters long (make sure you are not able to memorize it - otherwise make it longer) which contains small and large case letters, numbers and special characters - and possibly even letters of other alphabets if you can reproduce them with your keyboard. This will be your Wikimedia password. Have it written on the paper in a secure place (no chance to lose) and never use it elsewhere, on any other websites.--Ymblanter (talk) 05:47, 4 May 2018 (UTC)

"Mr. Owl—how many flops does it take to get to the Tootsie-Roll™ center of a Tootsie Pop™?" Factchecker_atyourservice 14:46, 4 May 2018 (UTC)

I strongly suspect that whoever is doing this is using a list of passwords leaked from other sites, rather than trying to brute force their way into each account. I doubt they're even trying variations on the password that's on that list. That's why most of us are only getting one failed login attempt and that's it. While it's good to have a strong password anyway, if what I think they're doing is what they're doing, changing the password is the kicker. Ian.thomson (talk) 14:55, 4 May 2018 (UTC)

It looks indeed like yesterday they did not really attempt to break down any accounts, just let know that they exist to the largest possible amount of active user. However, this is not an isolated incident. We had recently two admin accounts broken, apparently because they re-used the passwords from other sites which were in the yahoo leak, or some other massive leak. I mentioned above that I regularly get attempts to break in to my account, sometimes up to several hundreds per day. It is obviously not possible to break a strong password which is not used on any other sites, however, it should be possible to break a weak password or to steal the existing password from elsewhere. 25 characters may be an overkill, but gives pretty much the guarantee - assuming they do not break in physically to one's house and there is no fire.--Ymblanter (talk) 15:08, 4 May 2018 (UTC)

Don't know if anyone mentioned yesterday's twitter breach, but if you used the same password there as here, you should change both quickly.--Dlohcierekim (talk) 15:24, 4 May 2018 (UTC)

My user name and password are unique to this site. --Dlohcierekim (talk) 15:27, 4 May 2018 (UTC)

Here's some handy advice. Lugnuts ^{Fire Walk with Me} 17:14, 4 May 2018 (UTC)

Since everyone is giving advice I may as well chime in. The main reason people don't use strong passwords unique to each account is that it's practically impossible to remember all those passwords. But you can use a password manager to keep track of them and to at least partially automate the process of entering passwords. I use something called KeePass but there are lots of alternatives -- see our List of password managers. Shock Brigade Harvester Boris (talk) 03:18, 5 May 2018 (UTC)

It happened again, two more attempts. If you can find out who, please ban him. Do I have any reason to be nervous, if my password is safe? Alex of Canada (talk) 17:33, 4 May 2018 (UTC)

In a word, no. Primefac (talk) 17:38, 4 May 2018 (UTC)

User:Alex of Canada - I agree with User:Primefac. If your password was and is strong and it hasn't been compromised, you are all right. Just check your User Contributions from time to time. I will comment that the hacker or bot may be hoping to get people to panic and to change their strong passwords to new weaker passwords, but that is only my guess. Robert McClenon (talk) 13:21, 5 May 2018 (UTC)

I will also comment that password regimes that require frequent changes of passwords, and that prohibit the use of a previously used password, are well-meaning but actually make things worse, because they increase the likelihood that the user will need to write down the password. This comment applies both to Wikipedia and to employer or government systems. Robert McClenon (talk) 13:21, 5 May 2018 (UTC)

• 1. MeToo, earlier today. --BrownHairedGirl (talk) • (contribs) 20:03, 4 May 2018 (UTC)

Yes, I got a failed-login warning a couple of days ago, but thought nothing of it at the time: I'm surprised there aren't more brute-force attacks. Perhaps this is where some sort of anti-bot measures might help? -- The Anome (talk) 09:22, 6 May 2018 (UTC)

See Wikipedia:Administrators' noticeboard#PSA: Admins might be better off with a long passphrase rather than two-factor authentication. --Guy Macon (talk) 20:06, 4 May 2018 (UTC)

A wise Owl indeed.--Dlohcierekim (talk) 19:16, 5 May 2018 (UTC)

page break

looks like it's falling off.--Dlohcierekim (talk)

• They're at it again today (I just got an alert that multiple failed attempts had been made to log into my account...). - Tom | Thomas.W ^talk 11:43, 7 May 2018 (UTC)
• I just got notifications for it today again. Got some before this conversation on AN started on the 3rd and some today. Thanks for jinxing it, Dlohcierekim. :) — Moe Epsilon 13:53, 7 May 2018 (UTC)
• They took the weekend off?-- Dlohcierekim (talk) 14:41, 7 May 2018 (UTC)
• Two attempts on mine just now. --Masem (t) 14:45, 7 May 2018 (UTC)
• I just got a notice that there have been multiple failed attempts to log into my account from a new device. The other day it was just one attempt. This is getting worse and I don't like it. Someone may be trying to steal my bank account or credit card information this way. Something had better be done to stop this or WP will lose editors including me. I feel like deleting my account and all my information right now. It isn't worth taking the risk.Smeat75 (talk) 15:32, 7 May 2018 (UTC)

  @Smeat75: Which would make your account more susceptible to hijack. Change your password here to something stronger. If it is the same as your password anywhere else, change your elsewhere password at once to something different. Get a committed identity hash. If you have not done so already, enable email. -- Dlohcierekim (talk) 16:37, 7 May 2018 (UTC)

  How would someone get your bank information through your wikipedia account? Natureium (talk) 16:41, 7 May 2018 (UTC)

  Password reuse. Banks should be much more secure, but theoretically the attack vector first tries to find a working username/password combination on one site. If they get that, they then use it on a more interesting site (bank, turbotax, whatever). Again, there's no evidence that any of this has been the least bit successful, and this is all just speculation at this point. ~ Amory (u • t • c) 17:32, 7 May 2018 (UTC)

Suggestion for alleviating panic

I'm in for the firs time in almost a week and was surprised to see that someone had made an attempt on my account. It was a few moments before I found this thread, and in light of that I'd like to suggest running a message through the message delivery system to all accounts on Wikipedia advising them of the situation so that our editor base gets caught up on this as soon as possible. Those who have email enabled (like me) should see the email alert in the inbox along with the section header, while those like me coming in late to the party will have the talk page message notice here and will (hopefully) check there first to get caught up. In this way we can get out ahead of this and circle the wagons, such as it were, before editors panic and act before thinking. TomStar81 (Talk) 14:17, 7 May 2018 (UTC)

• I suggest everyone get a committed identity hash string (read this first, and then get the string here), to be able to get their account back in case someone manages to take over the account (just to clarify things: getting a committed identity here does not require revealing your real life identity to anyone, you're as anonymous after getting the hash string as you were before getting it...). - Tom | Thomas.W ^talk 14:36, 7 May 2018 (UTC)

  @TomStar81: Great idea. I almost suggested it, but did not know how or where.-- Dlohcierekim (talk) 14:42, 7 May 2018 (UTC)

  Yes, anyone who has not done so already needs to get a committed identity & a really strong password, and enable email.-- Dlohcierekim (talk) 14:44, 7 May 2018 (UTC)

  And I strongly suggest laagering.-- Dlohcierekim (talk) 14:47, 7 May 2018 (UTC)

  "—it's Zulus, sir, bloody thousands of 'em!"

  I just tweaked my password for the sake of safety. As for the message, i'd propose something like this:

---

• Annnnd, was said login successful?-- Dlohcierekim (talk) 16:50, 7 May 2018 (UTC)

Attempted Hacking of Wikipedia Accounts

On or about May 4th, 2018, the Wikimedia foundation noted a massive cyberattack against the English Wikipedia with the apparent goal of locating users utializing weak passwords in order to compromise the accounts. Steps are currently being taken to track down the origin of the attack, but as a precaution all Wikipedia users with a registered account are being asked to review their accounts and passwords in order to ensure that your account does not end up compromised. Measures editors are advised to take include the following:

Choose a strong password

Ideally, a strong password is a password that uses a combination of symbols, numbers, and capital and lower case letters. Users are required to provided a minimum 8-letter password, but a longer password is viewed as more secure and passwords with letters, symbol, and number combinations are shown to stronger than simple words or phrases. Additionally, users should refrain from picking out simple passwords easily guessed (such as abcd1234 or password).

Obtain a Committed Identity Hashstring

A Committed Identity Hashstring is a security measure that allows users to type words, phrases, and other information which when put through a hash are scrambled, resulting in an unreadable line of random letters and numbers. The only person who would know what the unscrambled letters and numbers translate to would be you, thus ensuring that you could reclaim you account if it is compromised. More information about this measure can be found here, and users wishing to implement this security option may do so here.

Enable Two-Factor Authentication

Two factor authentication was added as an additional security measures for certain high privileged Wikipedia accounts - most notable, those who possess admin rights. Enabling this will make it that much harder for unauthorized persons to gain access to your Wikipedia account.

Enable E-mail notifications

Users who possess registered accounts on Wikipedia have the option of enabling email notifications for talk page messages, which may be useful for helping you to spot and stop attempts on your account as well as for keeping up to date with developments as this incident progresses.

For more information on the series of events, and to consolidate the discussions on this matter, see Wikipedia:Administrators'_noticeboard#Please_help-_who_tried_to_break_into_my_account? and its subsequent threads.

---

Of course, I'm open to adding or subtracting information as needed; just as long as we get the word out it should help our situation. TomStar81 (Talk) 15:19, 7 May 2018 (UTC)

• Strongly Object @TomStar81: sending a mass message to "all accounts" is a huge waste of job resources, especially as most accounts are dormant. If we want this to get to a large number of editors, using the logged-in user sitenotice would be preferable IMHO. — xaosflux ^Talk 15:26, 7 May 2018 (UTC)
  • @Xaosflux: Mass message is the only messaging system I was familiar with; if there is another or better system, then by all means use that instead. The important thing is that we get the word out. Keep in mind too that, as I noted above, I'm coming into this days after the fact - for all I know this could have long since been resolved (though judging from above I don't think that to be the case) which would mean the whole point of the message is now...useless. In any event, handle it how you judge it should be handled. As for me, I've got to be off to work here soon so I'll likely be unavailable for a few hours. I leave my suggestion in the board's capable hands, and trust that the best course of action will present itself and be implemented as consensus wills. TomStar81 (Talk) 15:32, 7 May 2018 (UTC)
    • For anyone following, I'm referring to MediaWiki:Sitenotice - this would put a banner on the top of the web page for logged in users. It would not send them emails or triggert notification. — xaosflux ^Talk 15:36, 7 May 2018 (UTC)
      • Oh, ok. I take it back; I am familiar with this sort of messaging, I just didn't know what it was called - at least no properly. That would probably work best, all things considered. TomStar81 (Talk) 15:40, 7 May 2018 (UTC)

• Likewise oppose this, as well as a sitemessage or watchlist notice. A great many users appear to be targeted (I have thus far received no notifications and am starting to feel left out!) but unless I'm mistaken there has been no evidence of any success on the part of the attacker. A reminder to use strong passwords is always worthwhile, and maybe worth considering via sitemessage/watchlist once this has subsided, but I don't see the utility in alarming a great many people when by all accounts everything is working just fine. ~ Amory (u • t • c) 15:41, 7 May 2018 (UTC)

• The only accounts that have been compromised in the last couple of years were the ones that re-used compromised passwords with other sites. There is really no need for mass messages or sitenotices here. The same best security practices apply today as they did a year ago - have a strong password, and if you're particularly concerned you can include other measures like 2FA (or committed identity, but honestly I have no idea how that works and can't find any read-able guide to it on here). -- Ajraddatz (talk) 16:03, 7 May 2018 (UTC)

@Ajraddatz: I too was unsure, but know i have it--> WP:Committed identity.

@TomStar81: as of this morning it had resumed.-- Dlohcierekim (talk) 16:33, 7 May 2018 (UTC)

In favor of any notification system that would let users know about this so they can take appropriate action.-- Dlohcierekim (talk) 16:43, 7 May 2018 (UTC)

Thanks - that page puts it very clearly. Seems like a sensible measure indeed, speaking as one of the people who coordinates the return of compromised accounts to their owners. -- Ajraddatz (talk) 16:46, 7 May 2018 (UTC)

• I would also note that in the discussions that led up to the current password policy, the notion that you must use a combination of upper and lowercase, symbol, and numbers to have a strong password was strongly rejected by the community. Beeblebrox (talk) 17:53, 7 May 2018 (UTC)

Hi everyone. While the attacker continues to try and login at a very high rate, we are currently blocking his/her login attempts. At this time, there is no need to panic or do anything. We of course always encourage all users to use a strong password. BWolff (WMF) (talk) —Preceding undated comment added 18:10, 7 May 2018 (UTC)

• Having finally had the chance to start logging back in, I find all this...oi vey. Anyway, relevant to the above, I'll note that "require 2FA" is an absolute non-starter for other reasons: there are those of us who do not have smartphones and/or cell service at our computing locations at all. - The Bushranger _{One ping only} 08:37, 8 May 2018 (UTC)

  @The Bushranger: FWIW, you can run a TOTP on a computer. While it doesn't prevent an attack the compromises that one computer as well - it will remote attacks. — xaosflux ^Talk 11:51, 8 May 2018 (UTC)

I realized I got a failed attempt 13 days ago. I just changed my password. I hashed something known only to me to SHA-256, and used the random 64 character hash as my password. I think that will stop people form getting into my account. — Preceding unsigned comment added by Yoshi24517 (talk • contribs) 02:10, 17 May 2018 (UTC)

Guy Macon, a (belated) semi-technical qy. Why do you recommend spaces between the words of a passphrase? Most similar advice I have seen uses a string of words without spaces. And standard cryptography sued fixed length strings ignoring the word divisions, so the length of the word offers no clue. DGG ( talk ) 04:53, 20 May 2018 (UTC)

Let me work backwards on those questions.

First, neither the length of the individual words or the overall length of the passphrase offers any clue, because those are unknown to the attacker. Kerckhoffs's principle says that you never tell the attacker anything about the key. BTW, Wikipedia gets that one right. If they limited your passphrase to, say, 64 characters, that would tell the attacker something about your passphrase. I tested Wikipedia, and it has no problem with a 256 character passphrase (that's as far as I tested; the actual limit may be much higher).

The reason I recommend spaces is so that your passphrase follows a basic rule that makes it easier to remember and easier to correct typos; Use a standard English (or whatever language you are most fluent in) sentence with standard punctuation and grammar.

Consider the following passphrases:

• My hovercraft is full of eels.
• my hovercraft is full of eels
• myhovercraftisfullofeels
• myh0vercraft15fu||ofeel5

The first one is the hardest for a computer to guess (dictionary or brute-force attack), the easiest for a human to remember, and by far the easiest to find any typos in. --Guy Macon (talk) 06:38, 20 May 2018 (UTC)

Another point is that there are many standard packages for attacking passwords. They usually try a password, and then try variations on it. So, if an attacker tried the first of Guy Macon's above passphrases, the attacker would be very likely to also try the alternatives listed. Johnuniq (talk) 07:27, 20 May 2018 (UTC)

Spam on my talk page

Good evening, is this the right page to ask for help from an admin? An anon user twice wrote bad things on my talk page without a reason. He's a dynamin IP who attacks me on many wikis, but nobody seems to care and nobody stops him. May you protect my page from further vandalisms? 95.253.203.9 (talk) 14:24, 11 May 2018 (UTC)

I see nothing derogatory or offensive about the messages being left by the other IP. Am I missing something? Primefac (talk) 14:29, 11 May 2018 (UTC)

Perhaps not "derogatory or offensive", but strange all the same. It's a message in Italian saying that the IP has been blocked on it.wiki (which is indeed true), but while it's similar to our {{anonblock}}, it seems to be a bit more personalized than the normal templates.

Google Translate

To you who are reading this message: on it.wikipedia the IP of your company network has been blocked for 6 months because of the use that one of your employees has made of it. If you are a colleague and not the manager, please let him know. The person who made you block the network is probably a new hired for less than a year and relatively young, I think it will be easy to trace his identity but this is your business, I have only made aware even if I sincerely would like that you get it. You can see the block log, the contributions for which it was blocked and the discussions on your personal page going with this same IP on it.wikipedia. Greetings to all and good work.

I'm not sure what the purpose of this is, but I don't think it's grounds for protection. ansh666 18:21, 11 May 2018 (UTC)

So you think my page doesn't need a protection? He's using that page to attack me. He actually doesn't want to communicate with me. How can't this be enough to help me? Just because he isn't rude? He simply found that I went once on this wiki, and he thinks he's allowed to persecute me like he did on italian wiki. 95.253.203.9 (talk) 14:21, 15 May 2018 (UTC)

If you've done nothing wrong on enwiki, then you won't be blocked. It's as simple as that. If the IP continues to add harassing notes to your talk page, then something could probably be done, but it looks like since this thread was opened there have been no further edits to your talk page. Primefac (talk) 14:25, 15 May 2018 (UTC)

User socking as unroutable IP address 127.0.0.1.

• Max4142 (talk · contribs · deleted contribs · logs · target logs · block log · list user · global contribs · central auth · Google)
• (127.0.0.1) (talk · contribs · deleted contribs · logs · target logs · block log · list user · global contribs · central auth · Google) fixed. Primefac (talk) 16:07, 13 May 2018 (UTC)
• Wikipedia:Sockpuppet investigations/Max4142

Bavarian developer ZenJu,[15][16] who is the author of FreeFileSync,[17] keeps trying to the page using various socks to hide the fact that FreeFileSync ships with bundled malware, but despite repeated requests refuses to cite any sources other than his own webpage at freefilesync.org.

Now he has somehow figured out how to post as unroutable IP address 127.0.0.1.[18] I have filed an SPI and am requesting a checkuser to see if this sheds light on how he managed to do that.

Please note that as I have documented at Talk:FreeFileSync#Virustotal wierdness the FreeFileSync website sends a smaller, malware-free file to online virus scanners and a larger, malware-infected file to anyone who downloads the installer. This makes it difficultly to determine exactly which malware he is currently including, but my OR indicates that he has switched from OpenCandy to FusionCore -- malware that installs other malware that it gets from a website (and the website keeps changing as the old ones get shut down). Alas, I cannot find a source other than my OR, so I cannot update the page to say that OpenCandy has been replaced with FusionCore. --Guy Macon (talk) 15:53, 13 May 2018 (UTC)

Looking at [19],I see that other have managed to do this. Why isn't this IP permanently blocked on all projects? --Guy Macon (talk) 16:01, 13 May 2018 (UTC)

Guy Macon, the contribs you linked to are not from an IP, it's a user. I've also updated the OP's links. Primefac (talk) 16:07, 13 May 2018 (UTC)

AH! Somehow missed the parenthesis. That's rather embarrassing. Funny how the eye tricks you. Can we block it as being a deceptive username? --Guy Macon (talk) 16:26, 13 May 2018 (UTC)

@Guy Macon: if this were a new editor, I'd probably go for a username block, but as they have been established (Special:CentralAuth/(127.0.0.1)) on multiple projects for years, no. — xaosflux ^Talk 16:39, 13 May 2018 (UTC)

Possibly worth mentioning that 127.0.0.1 (in fact any 127.*.*.* address) is not a real-world IP address that could be used to edit Wikipedia anyway. It's what's known as a "localhost" address and just loops back to your own computer if you try to use it. You can use it, for example, for running a server on your own computer which you can access regardless of your real-world IP address (and without even being connected to the internet or to a router). Boing! said Zebedee (talk) 08:33, 15 May 2018 (UTC)

Im theory 127.0.0.1 is technically prevented by the MediaWiki software, but it has edited in the past: Special:Contributions/127.0.0.1. Checkusers still occasionally see people editing from the 10/8 private network. Here's a fun pro-tip: When you look at a user's contributions, look at the link to their userpage. For accounts it's a red or blue link, and for IP addresses it's grey text. -- zzuuzz ^(talk) 09:22, 15 May 2018 (UTC)

I don't suppose it'd be worth requesting a "this IP should never edit" message for non-routable/RFC 1918 IPs through the MW software perhaps? Richard⁰⁶¹² 09:33, 15 May 2018 (UTC)

This was implemented-ish in February 2017 [20] -- zzuuzz ^(talk) 09:44, 15 May 2018 (UTC)

Seems a decent solution. Richard⁰⁶¹² 10:27, 15 May 2018 (UTC)

This is a user account, not an IP ;-) ~Oshwah~^{(talk) (contribs)} 20:19, 15 May 2018 (UTC)

Day late and a dollar short, Oshwah... Primefac (talk) 21:15, 15 May 2018 (UTC)

I figured that I was ;-). I got sidetracked and wasn't able to finish reading through the discussion, but also thought that adding the comment wasn't a bad idea just in case. ~Oshwah~^{(talk) (contribs)} 21:17, 15 May 2018 (UTC)

Wikidata Infoboxes RfC closure request

Since the ANRFC request hasn't attracted much attention and this is quite an important, complex, and controversial RfC, requesting an admin, hopefully three, to fully assess and close RfC on the use of Wikidata in infoboxes. Galobtter (pingó mió) 13:48, 14 May 2018 (UTC)

I agree with a closure by a committee of three uninvolved editors. --Dirk Beetstra ^{T C} 14:13, 14 May 2018 (UTC)

It seems problematic to me that we cannot find candidates to close this... I mean, i understand why people are hesitant and that many of the familiar faces are in the discussion themselves, but somehow, we have to close this right. suggestions ? —TheDJ (talk • contribs) 07:46, 16 May 2018 (UTC)

I don't regularly patrol ANRFC, though I probably should... but don't take a lack of closure as automatic "hesitation" on anyone's part. Sometimes big discussions just are a hurdle to get stuck into. Primefac (talk) 13:18, 16 May 2018 (UTC)

• I'll be on the panel, as long as someone else does all the work. Swarm ♠ 20:37, 19 May 2018 (UTC)

Next cryptocurrency topicban

Ladislav Mecir (talk · contribs · deleted contribs · logs · filter log · block user · block log)

• edit count
• related: Shiftchange TBAN

Shiftchange's comrade, Ladislav Mecir, is the next cryptoadvocate for your consideration.

Per their editcount they have ~8.700 edits; ~8,300 of them in the last four years, almost entirely focused on crytocurrencies. Here are their top edits:

• 2,565 Bitcoin
• 564 Blockchain
• 429 Legality of bitcoin by country or territory
• 286 Cryptocurrency
• 279 Bitcoin Cash
• 207 Rebol
• 184 Bitcoin scalability problem
• 168 History of bitcoin
• 103 Satoshi Nakamoto

On the talk page

What brings us here today is this comment on Talk:Bitcoin Cash: Bcash is not a derogatory term. As said by the sources, it is a failed rebranding attempt. Having failed to rebrand Bitcoin Cash to Bcash in case of the Bitstamp and Bitfinex exchanges or to convince wallet providers or significantly many journalists to push their agenda, the proponents of the rebranding are now trying to use the Wikipedia for the purpose. While it is not in their power to use the Wikipedia to rebrand Bitcoin Cash, they are at least trying to pretend that the failed Bcash rebranding has got the same notability as the original and widely used Bitcoin Cash name. which they have restored twice, despite my warning to them at their talk page, first here with the doubling-down-on-the-crazy edit note rv., this is confirmed by the cited sources and again here.

There is of course no source on the Talk page or in the article, that says that "proponents ...are now trying to use the Wikipedia for the purpose".

(The alt name, "BCash", for the crytpocurrency, is something that its advocates find actually insulting. Vehemently so. Shiftchange for example, had !voted at the Rfc on mentioning BCash" in the lead as follows: Oppose Its a derogatory slur used against Bitcoin Cash for the purpose of propaganda. Its not a description or common name. No software developers or exchanges refer to it that way.)

The comment above was an addendum to Ladislav Mecir's earlier !vote, here (sorry, that is four diffs separated by some diffs from others) which is too long to copy here, but makes the same argument as Shiftchange, albeit "supported" by citations. I use the scare quotes because their summary of what those sources say is often not supported by the source cited.

Their comment in another RfC on the talk page about about removing a blatant POV testimonial section sticks out like a source thumb among the "deletes".

at the article

• This recent diff series is typical. Looking through that, they added"
  • tabloidy ref (Independent) with a passing, postive mention, to the first sentence, added this ref, linked to a section with "good news" about Bitcoin Cash, added some more unsourced content to a section that was unsourced, etc. and then reverted to keep it when it was removed.

• before then, added this source to the first sentence, with "bad news" about Bitcoin.

• before that, added a big bolus of badly sourced content about "wallets" (the software where you keep your cryptocurency).

and there is plenty more. This person is an advocate who is not here to build an encyclopedia. Jytdog (talk) 03:46, 15 May 2018 (UTC)

"Shiftchange's comrade, Ladislav Mecir"—note this edit proving the claim is unfounded. Ladislav Mecir (talk) 04:00, 15 May 2018 (UTC)

"comrade" in the sense of editing promotionally and aggressively in favor of Bitcoin Cash. This is not even a little ambiguous. Being aware that Shiftchange was worse than you is no sign that you see how badly you are editing and behaving. Jytdog (talk) 04:21, 15 May 2018 (UTC)

Jytdog wrote: "The alt name, BCash, for the crytpocurrency, is something that its advocates find actually insulting."—Note that in my comment cited above I actually wrote that "Bcash is not a derogatory term."

Here Jytdog wrote: "The comment you made here ... amounted to personal attacks on other editors."—There are several reasons why this is unfounded:

• Here is an edit made by Jytdog claiming that there have been attempts to recruit users with specific viewpoints to edit the article.
• There have been attempts by proponents of said specific viewpoints such as this, this and many others, actually leading to page protection.
• In my response to Jytdog's claim at my talk page, I also wrote:
  • Let's consider a Wikipedian XY that is not a proponent of rebranding of the Bitcoin Cash to Bcash. Then, maybe surprisingly for you, the comment I made, speaking about "proponents of the rebranding" does not concern XY at all. Thus, logically, it could not amount to "personal attack" on her.
  • Now let's consider a Wikipedian XZ that is a proponent of rebranding of the Bitcoin Cash to Bcash. Then, maybe surprisingly for you, the comment I made is not a personal attack on her either, since it just claims that XZ wants to claim that the Bcash name is at least as notable as the Bitcoin Cash name, which is exactly what the "proponent of rebranding" implies.

Jytdog should be more careful when accusing anybody of wrongdoing and deleting their comment based on unfounded accusations. Ladislav Mecir (talk) 05:12, 15 May 2018 (UTC)

Thanks for your help here. I will leave it to others to evaluate your rhetoric and respond.Jytdog (talk) 05:15, 15 May 2018 (UTC)

Jytdog wrote: "Their comment in another RfC on the talk page about about removing a blatant POV testimonial section sticks out like a source thumb among the "deletes"." - note that I just made a comment not claiming that the section should be kept, but claiming that the contents of the section does not correspond to its title. If that is a reason why I am a "Shiftchange's comrade" remains to be judged by somebody else than Jytdog, as it looks. Ladislav Mecir (talk) 05:21, 15 May 2018 (UTC)

Jytdog wrote: "almost entirely focused on crytocurrencies"—note that, e.g. the statistics of the Cox's theorem page mentions my authorship to be 3'677 bytes and my authorship of the Bayesian probability article to be 2'865 bytes. Ladislav Mecir (talk) 10:16, 15 May 2018 (UTC)

• I'll just note that I've noticed Ladislav Mecir trying to own a page or dominating discussion on a talk page, see e.g. Talk:Cryptocurrency#Controversial in cryptocurrency articles. I suspect that many of the articles noted at the top of this thread would fit into that class of articles being owned or dominated by LM. Smallbones_(smalltalk) 17:02, 15 May 2018 (UTC)
• Support topic ban for any WP:SPA focused on cryptocurrency. It's exactly like creationism, climate change denial or homeopathy. These are quasi-religious cultists and the wider Wikipedia community lacks the time and the patience to continue to argue with them. Guy (Help!) 17:49, 15 May 2018 (UTC)
• Oppose lots of areas have WP:SPA editors, that's no reason to enact a TBAN here. If you really feel that is necessary, let's invoke General Sanctions in the area first. I do agree with the comment at [21] that the Bitcoin/Bitcoin Cash feud has spilled onto Wikipedia, based on my own editing experience and the diffs in this thread. power~enwiki (π, ν) 18:03, 15 May 2018 (UTC)

Yeah, it is, because the SPAs have an absolutely homogeneous agenda, promoting crypto. SPA religious editors may be from different sects, but SPA crypto editors are almost all members of the crypto cult. Guy (Help!) 18:45, 15 May 2018 (UTC)

It's not quite homogeneous; the specific dispute here is that certain Bitcoin Cash supporters feel that is the one true Bitcoin, and opponents feel that it's some form of scam. A lot of the other crypto-currencies have no wide-spread interest, importance, or significance, and are edited merely by people who stand to profit from promoting them. Those articles are overwhelmed with promotional material from "the trade-press" (as a charitable description of what others would simply call "unreliable sources" and "blogs", i.e [22]). power~enwiki (π, ν) 19:14, 15 May 2018 (UTC)

User:power~enwiki this is not a content dispute, and no, it is a not a binary thing. Generally for each one of these currencies there are fierce advocates for it, and most everybody else (inside the crypto-communities and outside) looks at the currency/project with some interest, or perhaps some skepticism, or maybe doesn't look at all and is just bored by the whole thing. There are a few of these currencies that have been outright scams. I haven't read anything that said that Bitcoin Cash is illegit or a scam per se.

The issue here is the behavior of this advocate, as it has been for each other advocate I have brought here. The issue is the advocacy.

You know as well as I do that that Wikipedia is always vulnerable to activists, due to our open nature. This vulnerability sharpens, if there are online communities of activists. This vulnerability sharpens to the point of bloody hell, when there are online activists with financial interests in their object of advocacy. There is almost nobody involved in the online communities around these cryptocurrencies, who doesn't hold the currency and believe that they are going to change the world through the technology. This is like (not exactly like, but like) some kind of prosperity religion thing, and it is all happening online.

Wikipedia is not an extension of the blogosphere -- not a place for people to come here and preach their currency-religion and state their paranoias like they are facts. LM's statement of "fact" (on which they have by now not just doubled down, but quintupled down) that the proponents of the rebranding are now trying to use the Wikipedia for the purpose is not a statement of fact but rather an expression of the paranoia of the Bitcoin Cash community. He has no self-insight into how unacceptable that statement is, here in WP.

This is a symptom of the underlying approach to WP. Fortmit.

I'll add that our content about each one of these currencies is going to be paltry and slim in the eyes of these people. WP is a lagging indicator of notability by design; we are not going to have the level of detail they want for a long long time, if ever; we are not going to track the roller coaster of valuations as the coin markets gyrate. Not what we do here. Not what WP is for. These crytocurrency people do not understand this. Jytdog (talk) 19:46, 15 May 2018 (UTC)

I still think you're reading too much into the specific diff of the proponents of the rebranding are now trying to use the Wikipedia for the purpose. I take it to simply mean that there is POV-pushing in this area (which everyone agrees is happening), and not an accusation of canvassing. There's definitely some biased editing here by Ladislav, if General Sanctions were in place and he had been warned about them, I would support sanctions. I don't currently feel they are necessary. power~enwiki (π, ν) 19:55, 15 May 2018 (UTC)

It is a direct claim about what other people are actually doing here in WP. Reading it as anything else is reading against its very plain meaning. I get it that Bitcoin Cash advocates in their reddit forums are all paranoid. Edit warring to retain that level of paranoid attack on other editors here in WP - to revert with an edit note that this is confirmed by the cited sources is just... bizarre. There are no cited sources that say that people are coming to Wikipedia to try to rebrand the currency. None. This is paranoid crap that Ladovic obviously cannot restrain himself from. So we need to restrain him. Jytdog (talk) 03:56, 16 May 2018 (UTC)

I'm pretty sure that Mecir's comment about being sourced was in regard to the "Bcash is not a derogatory term. As said by the sources, it is a failed rebranding attempt." rather than any other claim. - Bilby (talk) 05:57, 16 May 2018 (UTC)

That is obvious. And that is not why the comment was removed. Which is also obvious. The edit note was a twisting nonresponse to what was (and still is) problematic. Jytdog (talk) 08:09, 16 May 2018 (UTC)

• Support TBAN and support general sanctions for cryptocurrency per Guy and Power. We are currently getting flooded with crap about crypto, and I think this editor is being disruptive, but I don't think Jytdog and Guy should have to get a topic ban discussion going every time we need one. Let's streamline dealing with the stuff, please. TonyBallioni (talk) 19:05, 15 May 2018 (UTC)
• No comment on the topic ban, but I agree that cryptocurrencies should be under discretionary sanctions. I'll make a formal proposal below. MER-C 20:18, 15 May 2018 (UTC)
• Oppose For a topic ban I'd want to see ongoing disruption that haven't been managed via other means. I can;t see any other means having been tried, but then I can't see evidence of long term disruption - after years of editing on these topics, no ANI threads about the editor (noting that there was one in 2014 which briefly included discussion about his editing, but that was a) 4 years ago, and b) not the focus of the discussion), a clean block log, no history of 3RR violations, and going through his talk page for the last two years I can find no formal warnings, with the occasional concerns seemingly met with discussion and at times compromise or agreement. There may be more elsewhere, but it isn't obvious, and hasn't been presented here. What has been presented here is enough to say that a warning is appropriate, but jumping to a topic ban for a few recent edits of varying quality is a big step. With all that said, if we end up with general sanctions, then all editors would be aware of the limits for their behaviour, so stepping out of line could reasonably warrant tbans for anyone, and that would be fair enough. - Bilby (talk) 12:53, 16 May 2018 (UTC)

General sanctions proposal

Should the community authorize standard discretionary sanctions for all pages related to blockchain and cryptocurrencies, broadly construed?

• Support as proposer. Most of the major articles in this topic area have been semi-protected (many by myself) due to the torrent of promotionalism and still it does not stop. It's like binary options and forex all over again, but with added, overt, criminality. The Bitcoin Cash/Core feud just makes things worse. MER-C 20:18, 15 May 2018 (UTC)
• Support per my above comments. power~enwiki (π, ν) 20:21, 15 May 2018 (UTC)
• yes please Jytdog (talk) 20:41, 15 May 2018 (UTC)
• Support per above. TonyBallioni (talk) 20:46, 15 May 2018 (UTC)
• Support The cryptocurrency topic area is rife with promotionalism and POV pushing. Cullen³²⁸ Let's discuss it 21:22, 15 May 2018 (UTC)
• Support To try and make the area less toxic with the promotional, POV-pushing editing. Courcelles (talk) 21:27, 15 May 2018 (UTC)
• Support partially per my query below. There is a huge amount of promotion and straight-out advertising going on in cryptocurrency articles. I find it incredibly difficult to edit these articles - in many cases I know I'll be reverted by an "article owner" - so editing would only be a case of making a WP:Point. I know what you're thinking "Smallbones is afraid to edit here?" Yes, I've worked in some incredibly difficult areas, e.g. binary options and retail forex, but cryptocurrencies take the cake.

The main problems I see are:

• the use of unreliable "trade press" sources as almost the whole source material. These sources are almost always cheerleaders
• promotionalism and advertising
• article ownership
• COI editing on the article page (Note that cryptocurrency owners are specifically mentioned in WP:COI as having a COI on the ccurencies they own).

Smallbones_(smalltalk) 22:55, 15 May 2018 (UTC)

• Support per supporters. Gråbergs Gråa Sång (talk) 08:07, 16 May 2018 (UTC)
• Support The problems within this area have been building for some time. Doc James (talk · contribs · email) 16:15, 16 May 2018 (UTC)
• Support – as noted immediately above, this topic area was identified as a magnet for problem editing/editors about the time the binary options thing was winding down at COIN, around October [23]. Note that clouds started to appear on the horizon wrt this behavior at least as far back as 2012 at COIN and ANI. ☆ Bri (talk) 22:19, 16 May 2018 (UTC)
• Support this topic area is a perfect storm of 'true believers' and 'commercial interests'. Either can spawn editors who will tax the patience and will of those who enforce policy, both will probably start burning out administrators unless they have the flexibility and streamlining allowed by GS/DS. Jbh ^Talk 23:50, 16 May 2018 (UTC)
• support gods yes. long overdue. brilliant idea. — Preceding unsigned comment added by Dlohcierekim (talk • contribs)
• Support per everyone above. Galobtter (pingó mió) 04:03, 17 May 2018 (UTC)
• Support 1RR per above Jtbobwaysf (talk) 07:48, 17 May 2018 (UTC)
• Oppose in the face of many I do not believe the need for DS is necessary. ^{cinco de} L3X1 ◊distænt write◊ 02:32, 18 May 2018 (UTC)

I'll clarify that the issues of COI, promowanks, notability, NOTHERE and OWNership can all be dealt with quickly and easily sans DS. ^{cinco de} L3X1 ◊distænt write◊ 03:02, 18 May 2018 (UTC)

We obviously disagree on how "quickly and easily" we can deal with the problems in these articles. But we also have to consider how bad the writing and the articles in general are - which really degrades our reputation. We need to consider how much editor time this takes up. And most importantly we need to consider how many people are getting ripped off by unethical crypto-operators while we dilly-dally. Smallbones_(smalltalk) 03:59, 18 May 2018 (UTC)

• Support Reread everything and changed my mind. ^{cinco de} L3X1 ◊distænt write◊ 12:15, 18 May 2018 (UTC)
• Support given just how hard it can be to enforce policies on pages in this topic area. Best, Barkeep49 (talk) 07:35, 18 May 2018 (UTC)
• Supportper above. Beyond My Ken (talk) 05:37, 19 May 2018 (UTC)
• Support long overdue. Headbomb {t · c · p · b} 12:17, 19 May 2018 (UTC)
• Hell yes. Should have done this ages ago. Guy (Help!) 20:30, 19 May 2018 (UTC)

query

• i know we (the community) can govern ourselves as we wish, but is there precedent for us to place DS? The formal DS are an arbcom thing per WP:ACDS, enforceable at AE as well by passing admins, etc. I am going to support in any case :). Jytdog (talk) 20:41, 15 May 2018 (UTC)
  • WP:General sanctions is the correct term here. power~enwiki (π, ν) 20:44, 15 May 2018 (UTC)
  • Yes, the Syrian Civil War, South Asian castes, and a few others have general community authorized discretionary sanctions (and they are both general sanctions and discretionary sanctions). TonyBallioni (talk) 20:46, 15 May 2018 (UTC)
• I'm tossing up whether to post notifications on Wikipedia talk:WikiProject Numismatics/Cryptocurrency task force, Talk:Cryptocurrency, Talk:Blockchain, Talk:Bitcoin and Talk:Bitcoin Cash. I'm only vaguely familiar with the procedure involved in imposing general sanctions -- is notification necessary? Or will it be counterproductive? MER-C 20:55, 15 May 2018 (UTC)
  • After thinking about it, I've handed out the notifications. MER-C 16:36, 16 May 2018 (UTC)
• I'm generally unfamiliar with community sanctions as well. Perhaps somebody more experienced with them can best describe how this works. I'll ping @DGG: - if he can't explain it, he'll know somebody who can.

I did quickly skim through one case of a community sanction. It looks like the closer decides on the final wording of the sanction. The discussion lasted 9 days at ANI, and there were 10-20 !votes. I need to know more about the mechanics than this however.

My input on the question of sanctioning here will be heavily influenced by the facts concerning bans on cryptocurrency ads on other major internet platforms. I've written this up in the Initial coin offering article about 6 weeks ago. We can leave out Jimbo's opinion for the purposes of this discussion. And just because much of the rest of the internet is banning these guys, is not, in itself, a reason for banning them here. But I do think that it shows there is a huge potential problem and that folks who have noticed problems here are not making them up out of whole cloth. Everything written here about ICOs also applies to cryptocurrencies in general.

Facebook has banned ICO and cryptocurrency advertisements on its platform stating that many of them were "not currently operating in good faith."^[1] Google and Twitter have also banned ICO and cryptocurrency advertisements.^[2]

Snapchat, LinkedIn and MailChimp all have limited companies from marketing ICOs via their platforms.^[3] Jimmy Wales, founder of Wikipedia, stated in 2017 that "there are a lot of these initial coin offerings which are in my opinion are absolute scams and people should be very wary of things that are going on in that area."^[4]

Chinese internet platforms Baidu, Tencent, and Weibo have also prohibited ICO advertisements. The Japanese platform Line and the Russian platform Yandex have similar prohibitions.^[5]

Smallbones_(smalltalk) 22:22, 15 May 2018 (UTC)

I missed one. Just yesterday Bing (from Microsoft) imposed a ban [24]

"Because cryptocurrency and related products are not regulated, we have found them to present a possible elevated risk to our users with the potential for bad actors to participate in predatory behaviors, or otherwise scam consumers. To help protect our users from this risk, we have made the decision to disallow advertising for cryptocurrency, cryptocurrency related products, and un-regulated binary options."

It is telling that many of these bans place cryptocurrencies in the same class as binary options. Smallbones_(smalltalk) 02:12, 17 May 2018 (UTC)

References

1. Matsakis, Louise (January 30, 2018). "Cryptocurrency scams are just straight-up trolling at this point". Wired. Retrieved April 2, 2018.
2. Weinglass, Simona (March 28, 2018). "European Union bans binary options, strictly regulates CFDs". Times of Israel. Retrieved April 2, 2018.
3. French, Jordan (April 2, 2018). "3 Key Factors Behind Bitcoin's Current Slide". theStreet.com. Retrieved April 2, 2018.
4. Bercetche, Joumanna (October 5, 2017). "ICOs — the hottest craze in cryptocurrencies — is an 'absolute scam,' Wikipedia Founder Jimmy Wales says". CNBC. Retrieved 2018-04-02.
5. Wilson, Thomas (March 28, 2018). "Twitter and LinkedIn ban cryptocurrency adverts – leaving regulators behind". Independent. Reuters. Retrieved April 3, 2018.

FWIW, the entire sanctions "system" is in my opinion an accumulation of confusing half-thought out and erratically-enforced procedures. I have never used it as an admin, and try to avoid sanction discussions as an arb. I suggest you do here whatever seems reasonable. If I were doing it over, I might like a rarely used remedy: one comment per talk page per day per person. It could be enforced easily by just removing anything beyond that. DGG ( talk ) 01:25, 16 May 2018 (UTC)

• Comment: If these are community authorized sanctions then the decision must be made by the community. Either move this discussion to ANI or a village pump and add a central notification advertising it (preferably both). --NeilN ^{talk to me} 18:24, 16 May 2018 (UTC)
  • AN is the correct venue. See Wikipedia:General_sanctions#Community_sanctions. This is the community's main noticeboard for dealing with administrative issues, issuing bans, and determining sanctions. A simple discussion here is all that is required by policy, and ANI would be the absolute worst place to move it. TonyBallioni (talk) 21:23, 16 May 2018 (UTC)
    • I stand corrected on what the instructions say but still think a more community-oriented page would be far more appropriate. --NeilN ^{talk to me} 02:43, 17 May 2018 (UTC)
      • @NeilN: Let's stick with what WP:General sanctions says, which is that we do the discussion here. We should however publicize the discussion, which has been done for the main cryptocurrency pages. Feel free to add notifications elsewhere.

I am concerned however that we need to specify the sanction somewhat better than has been done. Per WP:General sanctions "When general sanctions are employed, they are specifically detailed instructions by which community consensus or ArbCom motion has empowered administrators to act single-handedly to sanction editors who are not complying with general behavioral or editorial guidelines and policies.(bolding added)

I've put my basic ideas forward with my support !vote, but I don't fully understand what other editors want to do. Smallbones_(smalltalk) 17:42, 17 May 2018 (UTC)

Smallbones, MER-C proposed standard discretionary sanctions, which is what we are discussing. I don’t see a need for anything like a CENT notice, but maybe a VPR post would work. The last proposal for this (which eventually failed) was for Catalonia separatism/independence. I don’t think that was advertised anywhere but here. As I said, this is the main community noticeboard for these type of things, so it’s already relatively well advertised just by being here. TonyBallioni (talk) 18:04, 17 May 2018 (UTC)

Ok, I think I'm starting to get this but it would bear repeating (or correcting me if I'm wrong).

• The behavior required from editors within the scope of the standard discretionary sanctions is described here Wikipedia:Arbitration_Committee/Discretionary_sanctions#Guidance_for_editors which I'll summarize as (very carefully) "follow editorial and behavioural best practice."
• Admins have additional powers in the conflict area described here Wikipedia:Arbitration_Committee/Discretionary_sanctions#Sanctions which include blocking an editor for up to a year (with little or no process needed).
• the scope of the sanctions as I understand it includes articles on bitcoin and other cryptocurrencies, initial coin offerings, blockchain and related articles broadly defined.

@TonyBallioni, MER-C, and NeilN: just to make sure I'm on track. Smallbones_(smalltalk) 22:46, 17 May 2018 (UTC)

Yes, that would be my understanding. These operate the same as other discretionary sanctions, just authorized by the community instead of ArbCom. TonyBallioni (talk) 23:14, 17 May 2018 (UTC)

The community can also automatically apply editing restrictions instead of relying on admins. WP:GS/ISIL has an automatic WP:1RR on the topic area. The community also has to decide on a notification system. Please, by all that's wikiholy, use the notification system described by WP:GS/ISIL and not AE discretionary sanctions. --NeilN ^{talk to me} 23:29, 17 May 2018 (UTC)

Thanks to both. It sounds good to me and I'm happy now that I know what we're trying to do. Smallbones_(smalltalk) 00:02, 18 May 2018 (UTC)

• Proposal I suggest that in addition to this 1RR rule we also consider banning most of the cryptocurrency trade magazines, except for two majors CoinDesk and Bitcoin Magazine, as I think we could use a couple of respected industry rags to anchor content. I suggested these these two major trade rags as they appear to me to be reliable AND they both have posted editorial guidelines on their respective sites. I think that only allowing a couple of trade rags would allow us to preserve 90% of the content as well as cutting out 90% of the promotion (as majority promo content seems to come off the long tail of awful quasi-newsources). There is a discussion of this sourcing issue here Talk:Bitcoin_Cash#RfC to tighten sourcing on this article FYI. Thanks! Jtbobwaysf (talk) 07:48, 17 May 2018 (UTC)
  • I don't think that any crypto trade publications can be considered to be reliable sources. CoinDesk is owned by a crypto trader. CoinDesk is a subsidiary of Digital Currency Group ("DCG"). DCG invests in cryptocurrencies and has ownership stakes in a number of blockchain startups. While I don't question the journalists good intentions, the ownership issue and the story selection implied by their audience, must inevitably bias their stories. Bitcoin Magazine was founded by the co-founder of a major cryptocurrency and apparently sold to a firm that calls itself "BTC Inc." There's no good identification online as to who they are - and I suspect it has crypto owners still. There is a subsidiary of a local Iowa telephone company named "BTC Inc." that is identified pretty well online, but it doesn't look like the same company. There's also a company based in Ohio with he same name, but less info.

Coincidentally, there's a piece written by a cryptojournalist out today Crypto ‘Journalists’ Need to Fess Up to Their Conflicts of Interest that rips every crypto media outlet, except CoinDesk. If CoinDesk is the best of a lousy field then we shouldn't let any in as RS. Smallbones_(smalltalk) 17:57, 17 May 2018 (UTC)

• Yeah, i hear you. I was just thinking that if we were to impose this type of topic ban for ALL trade publications it might damage wikipedia. I was thinking one or two preapproved ones, deemed to be the least bad, might be good overall. Jtbobwaysf (talk) 05:23, 18 May 2018 (UTC)

• This might be unorthodox but along the lines of how we treat pseudoscience, what about imposing a templated paragraph on all crypto currency pages that says roughly "Leading financial press and finance experts have described all cryptocurrenies as a fraud, worthless, and holding no inherient value. Major advertising platforms have banned all ads connected to cryptocurrency. Cryptrocurrencies are subject to aggressive promotional activities, often by people with undisclosed conlicts of interest, in a nearly unregulated environment." (Add appropriate cites) Legacypac (talk) 06:57, 20 May 2018 (UTC)

I think such a warning would be WP:UNDUE weight (not to mention it not being factually correct as there is no such consensus that cryptocurrencies are dangerous). We have been discussing creating a cryptocurrency controversy article (or very large section) at Talk:Cryptocurrency#Some things that a "Controversy" section might want to discuss if anyone would like to particpate. Thanks!! Jtbobwaysf (talk) 09:19, 20 May 2018 (UTC)

Datetime picker for Special:Block

Hello all,

The Anti-Harassment Tools team made improvements to Special:Block to have a calendar as datetime selector to choose a specific day and hour in the future as expire time. The new feature was first available on the de.wp, meta, and mediawiki.org on 05/03/18. For more information see Improvement of the way the time of a block is determined - from a discussion on de.WP or (phab:T132220) Questions? or want to give feedback. Leave a message on Wikipedia Talk:Community health initiative on English Wikipedia/Blocking tools and improvements, on Phabricator, or by email. SPoore (WMF), Trust & Safety, Community health initiative (talk) 20:26, 15 May 2018 (UTC)

AIV backlog

I'm heading offline, so I can't help at the moment, but WP:AIV is getting a bit out of control. If someone could pop over there and take care of some of that, it'd be great. Thanks! --Jayron32 13:24, 18 May 2018 (UTC)

Bot only count how many users/IP are listed (including declined). Hhkohh (talk) 13:53, 18 May 2018 (UTC)

Who does history-merging?

See Wikipedia talk:Requests for history merge#Who does history merging?. Anthony Appleyard (talk) 20:56, 18 May 2018 (UTC)

Leftover goaste vandalism

I recently stumbled upon the contributions of this vandal here [NSFW, extremely graphic], and I'm wondering if an admin could search for the string "Goatse in Wiki Table format" in all the revisions of Wikipedia and revdel that stuff. Or if there's a tool out there that facilitates deep revision history search on Wikipedia. It probably needs to be something WP:DUMP based. Headbomb {t · c · p · b} 23:03, 18 May 2018 (UTC)

dash not hyphen

in the tab name is says '[pagename] - wikipedia' instead of '[pagename] – wikipedia'
– 2407:7000:8A01:8341:45D0:67AB:59E1:EF83 (talk) 03:19, 19 May 2018 (UTC)

This was previously discussed at Wikipedia:Village pump (proposals)/Archive 136#Change hyphen (-) to dash (—) in page title. The proposal was rejected because some old filesystems and browsers don't have support for unicode characters, and the hyphen is a more well-supported alternative. Mz7 (talk) 05:34, 19 May 2018 (UTC)

Mass page moves needed

The following discussion is closed. Please do not modify it. No further edits should be made to this discussion.

---

I have already blocked L_O_M_G_B_O_Y_E (talk · contribs) for making far too many nonsense moves. We need mass revert of these moves back to their original pages. --Masem (t) 03:31, 19 May 2018 (UTC)

 Done. I think this should be resolved now. Mz7 (talk) 03:49, 19 May 2018 (UTC)

FWIW, I think I've fixed all the broken redirects resulting from bot auto-fixing the double redirects. ~ Amory (u • t • c) 12:08, 19 May 2018 (UTC)

@Amorymeltzer: Thanks, I hadn't thought of that. Mz7 (talk) 22:02, 19 May 2018 (UTC)

The discussion above is closed. Please do not modify it. No further edits should be made to this discussion.

Request to lift topic ban

The following discussion is closed. Please do not modify it. No further edits should be made to this discussion.

---

I was topic banned indefinitely last month and told not to comment anything on matters related to caste. I was relatively new to wikipedia back then and was not well versed with rules of wikipedia. I have been contributing after the ban on other topics. I request that my topic ban be lifted. I promise that I will abide by wikipedia rules. Sharkslayer87 (talk) 17:57, 19 May 2018 (UTC)

First off I’m going to ping the admin who applied the sanction @Bishonen:.

Then I would ask you to comment on your remarks at Talk:Raju, in particular This amounts to Racism and you will pay for it. and I will go to any extent until justice is served. which would appear to represent an unacceptable battleground attitude. Beeblebrox (talk) 18:13, 19 May 2018 (UTC)

I have already said that I was new to wikipedia and didn't know how it worked exactly. I have also said that I won't repeat that behavior. Please let me know what I could do to prove myself. Sharkslayer87 (talk) 18:18, 19 May 2018 (UTC)

• Oppose lifting the topic ban at this time, while encouraging the editor to continue working in other topic areas. The topic ban was imposed this month on May 1, not last month, and the editor immediately violated the topic ban several times and was blocked for it. This followed weeks of disruptive and combative editing related to caste. Only 19 days have passed. I recommend that the editor wait at least six months to ask for the topic ban to be lifted, while showing full compliance with our policies and guidelines in the interim. Cullen³²⁸ Let's discuss it 18:39, 19 May 2018 (UTC)
• I'm against lifting the ban at this time. It's only 19 days old, and Sharkslayer87 started by getting themselves blocked for violating it. @Sharkslayer87:, I'm glad to see you have been editing other articles and reverting vandalism and warning vandals since then. Your editing on caste-related pages was relentlessly promotional, and you pushed back strongly against anybody who tried to advise you — "like you were issuing ultimatums", as Ad Orientem put it.[25]. (To Sitush you said: "Are you from India and from Andhra Pradesh?... Why do you only have the right to push your POV as opposed to others POV? Are you the owner of Wiki?"[26]) I recommend you to continue editing other areas, and not appeal your caste ban again until at least three months have passed (six months, per Cullen328, is better). The more constructively you edit in the meantime, the more likely your appeal is to be granted. Bishonen | talk 19:41, 19 May 2018 (UTC).
• Oppose Cullen says it better than I could, so I won't repeat it. Agree with both him and Bish. TonyBallioni (talk) 19:43, 19 May 2018 (UTC)
• Oppose in over 100,000 edits I don't believe I've needed to make one on caste. This restriction is hardly constraining Legacypac (talk) 20:14, 19 May 2018 (UTC)
• Oppose. Let's see six months of trouble-free editing in other areas first. Boing! said Zebedee (talk) 20:25, 19 May 2018 (UTC)
• Oppose Come back in six months and we can talk about it. For now I would continue editing elsewhere. There is a lot of stuff to work on here. -Ad Orientem (talk) 20:54, 19 May 2018 (UTC)
• Oppose per Cullen and Bishonen. Beyond My Ken (talk) 21:07, 19 May 2018 (UTC)

The discussion above is closed. Please do not modify it. No further edits should be made to this discussion.

Request closure of discussion and re-direction to open WP:RFC/ Request User:Factchecker_atyourservice warned for WP:Battle and WP:POV

This discussion is growing out of control: https://en.wikipedia.org/wiki/Talk:Trump–Russia_dossier#Latest_New_York_Times_report_confirming_"no_public_evidence"

There is an open WP:RFC here: https://en.wikipedia.org/wiki/Talk:Trump–Russia_dossier#RFC_on_stating_no_public_evidence_of_collusion

Request new discussion is closed per Wikipedia:Forumshopping

I also request that User:Factchecker_atyourservice is warned by an uninvolved administrator for Wikipedia:Battleground and WP:POV. 1. He took part in the RFC. 2. I think if you look at the totality of his contributions on the page, he is clearly pressing for a WP:POV with Wikipedia:Battleground behavior. 3. In starting the new discussion, he was very selective in his context which he provide and it looks like clear dishonesty, as pointed out here.Casprings (talk) 22:59, 19 May 2018 (UTC)

I second Casprings request. Factchecker_atyourservice has been a disputatious and disruptive editor for quite some time, and is clearly holding a serious POV which they are pushing just as hard as they can. They've WP:BLUDGEONed the discussion to within an inch of its life and does not appear to have given any consideration whatsoever to stopping. In my opinion, at this point, a warning is the absolute minimum that should be dealt out to Factchecker: if they don't stop their tendentious editing, they should be slapped with a short block. Beyond My Ken (talk) 23:19, 19 May 2018 (UTC)

I third this for the reasons stated above. – Muboshgu (talk) 23:22, 19 May 2018 (UTC)

Just to note, Factchecker has 1,001 edits to Talk:Trump–Russia dossier since January. [27] Beyond My Ken (talk) 23:27, 19 May 2018 (UTC)

@Beyond My Ken: According to this they have 554 edits to the page you mention. The most being BullRangifer at 692. Might want to update your claim of 1,001. PackMecEng (talk) 00:01, 20 May 2018 (UTC)

I’ll fourth this request. I believe FactChecker has violated their one-way IBan with BullRangifer in that thread near the beginning of a six month ban.[28] The editor is now attacking editors at AE [29], has just exited a sanction, and has engaged in PAs for months. The thread is a timesink and will eventually end up wasting admin time at a drama board. O3000 (talk) 00:41, 20 May 2018 (UTC)

"Attacking editors at AE"? I described an incident in which I attempted to discuss something utterly non-personal with SPECIFICO, and he refused to offer any explanation whatsoever of what he meant and instead just used each reply as a new opportunity to taunt me. "PAs for months" is an unusual claim since I didn't edit for the past year until April 2018, at which point I suggested citing high quality sources and removing low quality ones from an article and got comprehensively flamed. Pretty much everything that has happened since then has revolved around asking if we could please cite better sources, and do so more accurately, and I've just gotten flamed for it. Factchecker_atyourservice 01:05, 20 May 2018 (UTC)

• Casprings or Beyond My Ken I would suggest an AE filing would be more appropriate than AN if these are long term behavioral issues. I am not saying that there are issues (I am unfamiliar with the editor in question), but in this area ANI/AN is sometimes difficult to parse out trends and figure out who is doing what. A structured format often helps in these situations. TonyBallioni (talk) 23:29, 19 May 2018 (UTC)

I was hoping not to take the time to do that, given that I am not asking for a ton to be done here. I will see how it plays out and may do that in the future.Casprings (talk) 23:59, 19 May 2018 (UTC)

Wellll that RFC had stalled pretty fully, on top of which it bogged down on (1) various claims that the sources were old and therefore misleading because maybe some evidence came out since then!, despite that some were just weeks old, and (2) my paraphrasing which was allegedly a calculated lie designed to push .. whatever POV it is I am supposed to have. And virtually all of the more recent votes revolved around how allegedly misleading the paraphrasing was.

So I thought I would try a much smaller approach suggesting a single source, brand new so nobody could claim it's been rendered obsolete by evidence coming out later, from a top quality news source, and I just suggested quoting it directly.

I thought that might circumvent all those objections, but little did I know I'm still a liar for suggesting it be quoted! ¯\_(ツ)_/¯

Gotta say though, it's really weird because the passage I am accused of "dishonestly" omitting has nothing to do with either the dossier or the evidence of claims against Trump, rather it's the NYT addressing a Democratic complaint that an October 2016 NYT article had implied Trump had been cleared by intel investigations, when really those investigations were just beginning. The two statements are related to each other in the context of the NYT article, but the second one is not really related to anything in the dossier article.

Even so, I explicitly said I had no objection to quoting that part too, but that did not satisfy those who had raised it as an objection.

Also, just to note Muboshgu, despite your comment, Mueller is only reliably speculated and widely assumed to have evidence and it is entirely possible that he will close the investigation without ever announcing a clear link between Trump and the Kremlin during the campaign. So your claim that there's no evidence because the investigation is ongoing is crystal balling. Also, I believe the tradition with special counsel investigations is that they keep investigating until they find something to charge, regardless of whether it has anything to do with the original reason for the investigation, which is how we got that whole kerfluffle with Clinton getting BJs from young ladies in the White House. Factchecker_atyourservice 00:49, 20 May 2018 (UTC)

Do not bring the content dispute here, this is about your behavior, which has been egregiously bad. Beyond My Ken (talk) 01:15, 20 May 2018 (UTC)

Explaining why I opened a new discussion seems pretty relevant to this attempt to sanction me for opening a new discussion. Also, you haven't been involved at any of these articles, are you still mad at me about stupid content disputes from 3-4 years ago? Factchecker_atyourservice 01:18, 20 May 2018 (UTC)

BMK, he recently served time for his behavior, and came back to edit with a good attitude, trying to do good work. It's a root canal to try to add anything to that article that isn't negative. Factchecker has tried to be collegial but it's difficult in an environment where editors have perfected the skill of annoying their opponents obliquely until they finally break. Some of the reasons given for exclusion of that material are worth framing to remind us how absurd things have gotten. I don't know the answer but I do know it's not fair to keep hammering on the same editor who is bringing really good material to the article, and inclusion is refused for no good reason. I also don't think it's fair to allow the targeting and group pile-ons of a single editor who is actually trying to improve an article for all the right reasons. Whatever is going on, be it WP:OWN behavior or WP:STONEWALLING, it's unjustified behavior when you consider we're talking about one or two sentences that Factchecker proposed for inclusion; material that is clearly DUE, updated and sourced to the NYTimes. It is not his behavior that should be analyzed. ^{Atsme📞📧} 02:40, 20 May 2018 (UTC)

A short block is not a sufficient sanction for Factchecker's BLUDGEONing of the discussion, and now you, too, are talking about content and not behavior. Stop that, you know damn well that's not the purpose of AN, and that being "right" on a content matter is no excuse for transgressive behavior.

BTW, Wikipedia is not about "fairness" to its editors, it's about building an encyclopedia using specific rules to help guarantee neutrality and accuracy. One of those rules is that we don't allow one editor to hammer on multiple others until they get their way. Beyond My Ken (talk) 05:12, 20 May 2018 (UTC)

you know damn well that's not the purpose of AN, and that being "right" on a content matter is no excuse for transgressive behavior. Actually it routinely is for established editors, although it shouldn't be, and you spend enough time around ANI to know that "damn well". ―Mandruss ☎ 05:26, 20 May 2018 (UTC)

Perhaps so, but Factchecker was, has been, and remains a problematic and disruptive editor, so that standard would never apply to them, Such editors do not not, and should not, get the "benefit of the doubt" that "vested" editors perhaps do, at times. Beyond My Ken (talk) 07:17, 20 May 2018 (UTC)

Thanks for correcting your position. ―Mandruss ☎ 07:30, 20 May 2018 (UTC)

@Beyond My Ken: I am a highly competent and experienced editor who contributes to the constructive development of encyclopedia articles, using neutrally worded and carefully attributed references to top fact and opinion sources.

You have had no involvement in any of these articles or discussions—you are just mad at me over some stupid content disputes from years ago and are taking this opportunity to seek sanctions against me. Factchecker_atyourservice 14:53, 20 May 2018 (UTC)

I have found FActchecker to be highly dishonest with a tenancy to misrepresent both sources and users. Even when he agrees to comprise is in a tone that implies it is neither final, nor gracious (and by his actions shows that it is never final, he just rewords it and raises it again). He is prone to making PA's and accusations of bias. Simply (over this issue, not idea about anywhere else) he has a totally battleground mentality. His constant raising of the same issue is a time waster, made worse by his other problems.Slatersteven (talk) 09:12, 20 May 2018 (UTC)

This alleged "dishonesty" on my part is just extremely poor reading comprehension on your part. Factchecker_atyourservice 14:54, 20 May 2018 (UTC)

Requesting closure of this discussion and move to AE

This is mostly people involved in the topic area arguing with each other. Someone please close this; this isn't going to go anywhere (or atleast easily) without the structure of AE - we have it for a reason in these topic areas. Galobtter (pingó mió) 05:32, 20 May 2018 (UTC)

Proposal

Because of his disruptive BATTLEGROUND and IDHT behavior, BLUDGEONing, and POV-pushing at Talk:Trump-Russia dossier, Factchecker_atyourservice is indefinitely topic banned from the subject of Donald Trump, broadly construed, subject to the conditions at WP:TBAN. He may appeal the TBan every 6 months.

• Support - as proposer. Beyond My Ken (talk) 07:21, 20 May 2018 (UTC)

A petty attempt at revenge involving articles and content disputes you have had zero involvement in. Factchecker_atyourservice 14:56, 20 May 2018 (UTC)

• Support BMK analysis is usually spot on. Legacypac (talk) 09:18, 20 May 2018 (UTC)

Justify your vote or strike it please. Factchecker_atyourservice 14:55, 20 May 2018 (UTC)

Backlog

Got a 12 hr backlog at Wikipedia:Requests for page protection.--Moxy (talk) 03:16, 20 May 2018 (UTC)

Philip Cross

• Philip Cross (talk · contribs · deleted contribs · logs · filter log · block user · block log)

There's a lot of noise about Philip Cross (PC) on the internet, with implausible claims of COI and such, and it is pretty clear that he's engaged in a Twitter spat with some of the subjects of articles he's edited. That may well not be a problem at all - I have sparred with Dana Ullman online, that dispute originated with his POV-pushing here, it's not an off-wiki dispute imported to Wikipedia, it's a Wikipedia dispute that attracted off-wiki activism from people dissatisfied with our reflection of an entirely mainstream view, and the same seems to me on the face of it to be true with PC.

The characterisation of PC's targets as "anti-war" is framed to invoke sympathy from a typically small-l liberal project, but is problematic. George Galloway is not "anti-war", he's an activist for Palestine and supports Russia's involvement in Syria - he may be anti some wars but the claim of "anti-war" is at best questionable. He is without question a controversial figure, and not in a good way. It's also worth noting that the three main sources for criticism of PC are George Galloway, Sputnik (where Galloway is a presenter), and the Russian state media conglomerate RT (which is the parent network of Sputnik).

Given the off-wiki profile of this, and the to me obvious involvement of non-public information in assessing whether any of the claims made by Galloway (e.g. that PC is an account shared by a network of paid individuals) are actually true, should we refer this to ArbCom to ensure transparency and allow PC to definitively clear his name? Or is it a nothingburger? I'm rather leaning to the latter but I honestly don't know. Guy (Help!) 11:17, 20 May 2018 (UTC)