
Wikipedia:Village pump (policy): Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Survey/discussion: support but for activity in general
Spamming complaint: Thinking further
Line 1,041: Line 1,041:


*Angry IP might have a point here. The initial nag screen that logged out editors see is 450px tall and the full width of the article, and on every subsequent page they see a similar big red notice measuring about 735x250px, until they dismiss it. In both cases article text is pushed down, not overlaid, but it's still quite obtrusive. [[User:Ivanvector|Ivanvector]] (<sup>[[User talk:Ivanvector|Talk]]</sup>/<sub>[[Special:Contributions/Ivanvector|Edits]]</sub>) 17:12, 28 November 2018 (UTC)
*Angry IP might have a point here. The initial nag screen that logged out editors see is 450px tall and the full width of the article, and on every subsequent page they see a similar big red notice measuring about 735x250px, until they dismiss it. In both cases article text is pushed down, not overlaid, but it's still quite obtrusive. [[User:Ivanvector|Ivanvector]] (<sup>[[User talk:Ivanvector|Talk]]</sup>/<sub>[[Special:Contributions/Ivanvector|Edits]]</sub>) 17:12, 28 November 2018 (UTC)

::Thinking further, there is a point to be made about our regular IP editors, the "anyones" who can and do edit Wikipedia to such positive effect. Why should they be penalised with relentless nagware just because they require to preserve their anonymity? No, all visitors - logged in or otherwise - should be treated with the same respect and consideration. This nonsense really does have to stop before I log back in and take it to Arbcom or wherever. Is there a better place than this to force the issue? [[Special:Contributions/83.104.46.71|83.104.46.71]] ([[User talk:83.104.46.71|talk]]) 20:31, 28 November 2018 (UTC)


== Proposed amendment to [[WP:LISTPEOPLE]] regarding the inclusion of lists of non-notable victims in articles about tragic events ==
== Proposed amendment to [[WP:LISTPEOPLE]] regarding the inclusion of lists of non-notable victims in articles about tragic events ==

Revision as of 20:31, 28 November 2018

The policy section of the village pump is used to discuss proposed policies and guidelines and changes to existing policies and guidelines.
If you want to propose something new that is not a policy or guideline, use Village pump (proposals).
If you have a question about how to apply an existing policy or guideline, try one of the many Wikipedia:Noticeboards.
This is not the place to resolve disputes over how a policy should be implemented. Please see Wikipedia:Dispute resolution for how to proceed in such cases.

Please see this FAQ page for a list of frequently rejected or ignored proposals.


Editors in this thread appear to be of the opinion that it is permitted to link to websites which violate copyright so long as it is the official website of the subject of the article. Citing WP:COPYLINK:

In articles about a website, it is acceptable to include a link to that website even if there are possible copyright violations somewhere on the site.

This is at odds with WP:ELOFFICIAL:

These links are normally exempt from the links normally to be avoided, but they are not exempt from the restrictions on linking.

WP:ELNEVER in turn states:

material that violates the copyrights of others per contributors' rights and obligations should not be linked, whether in an external-links section or in a citation

Furthermore, copyright violations is part of the TOU and is therefore not an issue which is subject to consensus.

Simply put, if there is a local policy that permits copyright violating links, then the local policy is wrong, and should be changed or ignored. GMGtalk 14:31, 16 October 2018 (UTC)[reply]

  • The official website link itself does not violate copyright. Same reason why, while some youtube links violate copyright, that does not mean we can't link to "youtube.com" or other youtube links. Technically, one could also link to sci-hub pdfs of public domain material etc Galobtter (pingó mió) 14:41, 16 October 2018 (UTC)[reply]
  • And YouTube has a regime in place to detect and remove copyright violating material, even if it lags behind uploads. This is not the case when linking to a site for which the violation of copyright is their core purpose, and who is frequently changing domains in order to avoid enforcement of copyright laws. Linking to such a site is helping to bypass the copyright protections they are trying to avoid, and is therefore contributory copyright infringement. GMGtalk 14:54, 16 October 2018 (UTC)[reply]
  • I have yet to find anything indicating that simply linking to a website that contains copyrighted material on one of its other pages has been ruled contributory copyright infringement. Directly linking to copyrighted material on another page definitely has, but the homepage of a service that simply can be used to obtain copyrighted material? Seems more like original research than anything explicitly established in policy. --tronvillain (talk) 16:58, 16 October 2018 (UTC)[reply]
  • There are plenty of old copyright violations on Youtube. As a matter of fact, I'm listening to one right now, and furthermore it's easily reachable using Youtube's native search, in much the same way that copyright violations are accessible on Sci-Hub using that site's search bar. DaßWölf 02:07, 17 October 2018 (UTC)[reply]
@JzG: Sci-Hub probably has more "encyclopedic utility" than Wikipedia. And saying "what are people going to do if they click the link?" is no different than saying "what will people do if they read the article?" Or "what will people do if they hear the name?" Obviously, they might look for it. Gee, that would be a shame. Violating "intellectual property" is the same kind of illegality as violating a slave-owner's carnal property. Wnt (talk) 01:26, 18 October 2018 (UTC)[reply]
What rot. The link on the Sci-Hub article is largely decorative. Clicking it says less about the site than we do because it presents the site from a perspective that is objectively incorrect. Contributory copyright infringement is also a thing. Guy (Help!) 16:02, 22 October 2018 (UTC)[reply]
Looking at the site is an objectively incorrect way of learning about the site? A link is "decorative" ... and that's why you're fired up to delete it? If what you say has a meaning, I'm not convinced at this point. Wnt (talk) 02:58, 27 October 2018 (UTC)[reply]
  • If the site's reason to exist is to distribute material clearly against copyright, we should not link to it at all. Sites where copyright violations may exist but that is not the reason or function of the site and particular now due to actions of the site's operators, like YouTube or Researchgate, we can link to. --Masem (t) 11:13, 17 October 2018 (UTC)[reply]
    Masem - What's your opinion when this is say, the official site of the subject in question. For instance, we have an article on The Pirate Bay, which has an official website to that page. Pages like WireShare also have a similar page setup. Lee Vilenski (talkcontribs) 11:24, 17 October 2018 (UTC)[reply]
    I removed the links on the Pirate Bay article also, but was reverted. GMGtalk 11:26, 17 October 2018 (UTC)[reply]
    If it is the official site, we should not include and probably have a message why no link is included. WireShare seems to be a client that can be used to violate copyright, but requires users to give that material, so it's less of a problem. --Masem (t) 11:31, 17 October 2018 (UTC)[reply]
    Wireshare/Limewire is an opensource P2P client. By that reasoning literally every P2P client can be said to be 'used to violate copyright' - as can every web browser, archive tool (winrar) etc. The difference is that Pirate Bay exists only to provide direct links to copyright infringing material (with a smidgeon of public domain) and SciHub similar (and actually hosts copyright infringing material itself). Only in death does duty end (talk) 11:36, 17 October 2018 (UTC)[reply]
    And the 'official' link, if it can be called such on wireshare is to its source page at github. Github hosts a huge array of opensource projects. I don't think anyone is going to suggest we start removing github links as it enables copyright infringement are they? Only in death does duty end (talk) 11:40, 17 October 2018 (UTC)[reply]
  • Include these links is my official vote. The text in the "Restrictions on linking" section should be taken to mean that you should not include a link if and only if clicking the link would directly cause the user to download [including as extended content directly included within a web page] copyright-infringing material. Not because he might find out more about how or where to do so or read some philosophy or download some program that might make it easier for him to decide to do so. Wnt (talk) 01:29, 18 October 2018 (UTC)[reply]
  • I also vote that these links should be included: It should not be the role of Wikipedia editors to police the copyright behaviour of readers. If clicking on a link does not automatically trigger a copyright violation, and if there is no clear instruction from WP legal that this is not permitted, then Wikipedia users should be entrusted to make their own decisions with the information available. Kyle MoJo (talk) 08:51, 19 October 2018 (UTC)[reply]
  • If it is legal under US law for Wikipedia to link to the homepage of these websites, then these links should be included as they are for any other website. If we permit ourselves to censor links based on moral objections to the site's contents (as opposed to legal objections) then this will be a never-ending debate. (Which objectionable site's official links should we remove next, Pornhub's, AlphaBay's?) Sizeofint (talk) 15:50, 19 October 2018 (UTC)[reply]
  • I think there's a distinction to be made between linking to a page that is itself a copyright violation, and linking to a service that sometimes hosts copyright violations somewhere on it. For me, the difference is between linking to the main YouTube page (which has no copyright violations) and linking to a video on YouTube that is itself a copyright violation. If the page we link to is itself kosher, there's no reason we shouldn't link to it (provided it meets other policies and guidelines, yada yada). --Jayron32 16:14, 19 October 2018 (UTC)[reply]
That misses the main thrust of the issue though. YouTube is a legitimate site that happens to have some copyrighted material on it (so is Wikipedia if we're being honest). No one is raising a fuss in that regard. The problem is when we have a site whose core purpose is the violation of copyright, and which courts have ruled are in-and-of themselves copyright violating services. That's potentially legally problematic, especially for sites that have been blocked in multiple countries, and for whom our article is likely higher in search results than their actual website.
I don't expect legal to actually give us an opinion on the matter, although I have emailed them and notified them of this thread. (Legal, in my experience, doesn't express much of an opinion on copyright unless they have a takedown notice in hand.) But just because legal won't preempt themselves in public on an issue they may have to one day argue in court, doesn't mean this doesn't have foreseeable potential legal implications. GMGtalk 00:06, 20 October 2018 (UTC)[reply]
I think the en.wiki community is neither required, nor particularly competent, to judge fine legal niceties like this. If the Foundation lawyers are worried about it, they'll let us know; it's certainly been pointed out to them. If they're not, I don't see why we should be. --Trovatore (talk) 00:18, 20 October 2018 (UTC)[reply]
Even if there is some lawsuit out there by the ACS (one of the worst offenders in terms of paywalled articles), that would only speak to their liability to ACS about ACS articles according to a court far from Sci-Hub's own country. A private lawsuit between those parties could not have produced an overall determination of the "core purpose" of the site as some kind of law or regulation that everyone else is supposed to know about or follow. I think that the core purpose of the site is obvious: it is meant to allow people all over the world to share the text of articles to which they have access with people who express their interest; in other words, it is an interlibrary loan site very similar in nature and operation to WP:WikiProject Resource Exchange or ResearchGate, though more efficient. While American Chemical Society may be eager to extract a few dollars from peasants particularly desperate to see some article, this foolish crusade comes at a substantial cost -- because what is the ordinary voter going to do who hears about a chemical controversy and runs into a paywall telling him he's not allowed to see the publicly funded science for himself? He is going to do what any intelligent person would do in that situation and conclude that "chemicals are bad for you." You can't blame a person for having a stupid point of view when you have hired guns standing over him to force him to be stupid. But I digress. Wnt (talk) 20:44, 20 October 2018 (UTC)[reply]
Interlibrary loan terms are agreed to in contracts and subscription packages, and have various restrictions (and generally a charge on the part of the borrowing library, explicitly to protect copyright). Sci-hub, by its own admission, has none of that. Every source agrees that it's intentionally and knowingly violating copyright laws on the articles. There's never been a colorable legal argument made by Sci-Hub or any of its defenders to the contrary; indeed, part of its justification is that those laws are unjust, harmful and deserve to be defeated, but not that they aren't being violated as they currently exist. That's its whole reason for existence. The fact that I think modern copyright law is insane (which it is) doesn't change that it is the law at the moment. Just a Rube (talk) 11:46, 22 October 2018 (UTC)[reply]
To the best of my knowledge, any such guidelines are not universally followed even in the United States, and it is worth noting that Sci-Hub is not in the United States and is free to follow whatever legal standards its country adopts for Fair Use. The site has not been shut down, its maintainers have not been arrested, and so the only question is whether your national network is going to censor foreign traffic because it contains dangerous information, or ban local discussion of how to access such networks. Wnt (talk) 03:10, 27 October 2018 (UTC)[reply]
  • No link the site's entire purpose is to violate copyright law. There is no non-infringing purpose behind it. Anyone who wants to find the site can find it easily without including a link. Just a Rube (talk) 11:46, 22 October 2018 (UTC)[reply]
    • Really? No non-infringing purpose? How do you explain the following link to a torrent of the GIMP v5.12 Open Source Image Editor, downloaded from The Pirate Bay? [2] --Guy Macon (talk) 13:31, 25 October 2018 (UTC)[reply]
      • Given that Gimp is only at v2.10, one has to ask how legit that is. It is known that software pirates often rename files to mask what they offer, this looks like such a case. --Masem (t) 13:36, 25 October 2018 (UTC)[reply]
        • I don't want to delve into nitty gritty of version numbers of package components, so I'll just cite Darkwood, TPB AFK, 3D printer data distributed on Pirate Bay. I'm sure there are other "legitimate" uses. (Well, you can argue the last isn't legitimate since the data is banned in the U.S. under the 1st and 2nd amendments, but Pirate Bay isn't in the U.S., and the U.S. actually targeted one person only, so... but Wikipedia made me take out Infowars' link to the topic that came up, because you know that's fake news ... computers are all about the owner of the computer telling everyone else what to do for no reason at all, so I shouldn't be surprised at any of you any more. You live to serve your Master, period.) Wnt (talk) 03:29, 27 October 2018 (UTC)[reply]
  • Do not link to any dedicated copyright violating service. I'm not above admitting to using Sci-Hub, or the Pirate's Bay on occasion, but that should not be taken as any sort of push to legitimize them. If there is no other significant service offered by the site, then there is no encyclopedic value offered by including the link. Peer-to-peer networks and clients are not dedicated copyright violating services, but -like YouTube or google image search- are services which are frequently misused for that purpose. ᛗᛁᛟᛚᚾᛁᚱPants Tell me all about it. 12:43, 22 October 2018 (UTC)[reply]
  • Yes link. The purpose of the link is key. You can't use a link to point to infringing content relevant to some article, but of course you can use a link to identify and access a site itself. Alsee (talk) 01:27, 25 October 2018 (UTC)[reply]
  • Yes link - Linking to a domain is not infringing copyright. What our readers do once they navigate to a site is up to them. It would be pretty stupid for a website article not to have the URL - it's one of the fundamental pieces of information about the topic and we are not meeting our readers' expectations if we do not include them. If there are legal issues with us linking to them, then WMF legal will let us know, but the fact that these links have been present so long indicates that they are not. SmartSE (talk) 12:11, 25 October 2018 (UTC)[reply]
  • Yes Link. Even a site like The Pirate Bay has legitimate uses. For example, it is the fastest way to download older versions of Slackware Linux. And a site like Google can easily be used to find copyright-infringing material. --Guy Macon (talk) 12:36, 25 October 2018 (UTC)[reply]
  • No link - It’s not just that the admitted purpose of the site is to violate copyright, and linking to the site aids and abets illegal activity; but the site is used for spreading malware. O3000 (talk) 13:25, 25 October 2018 (UTC)[reply]

I'm a bit late replying, but thought I'd offer a couple thoughts. First, the actual legal doctrine is nigh-impossible to do anything with. Links like this vary by country, and the current doctrine in Europe asks questions about the specific knowledge of the person doing the linking and whether the link is for commercial purposes, among other things. I would suggest that the Foundation is not going to overrule the community if people think that specific links are appropriate and important for an encyclopedia article on a notable topic, but there is a chance we could receive legal demands in specific cases that cause us to have to change something, which we would evaluate on a case by case basis if it came up. Also, just as a matter of community good will, if you know that a particular Wikipedia page is being used as a hub to facilitate copyright infringement for some reason, it's probably good to make changes to prevent that, regardless of the specifics of what the law says.

For whatever difference that makes to anyone. GMGtalk 21:25, 25 October 2018 (UTC)[reply]
It means I really regret that Mike Godwin, a couple of months after dissing the FBI on our behalf, somehow ended up bundled off to a loony bin. He was never prone to mumble! Nor would he have been one to contemplate retreating without a fight based on mere demands from the right-placed parties. But that kind of private law isn't something you can try to anticipate -- they're nonetheless saying they'll do whatever whenever, and we can go back to our regularly scheduled article unless and until they make it a ruin. Wnt (talk) 03:04, 27 October 2018 (UTC)[reply]
Also, just as a matter of community good will, if you know that a particular Wikipedia page is being used as a hub to facilitate copyright infringement for some reason, it's probably good to make changes to prevent that, regardless of the specifics of what the law says And what about WP:NOTCENSORED?
  • Here is an idea. Forbid any links to any site that may link to any other site that may link to copyright infringing material. That makes it simple: we can set up a bot that removes every citation on Wikipedia. No more arguing about sources if all the sources are removed! The only downside is that the copyright-industrial-complex will say that this is not good enough, and that we need to form death squads to kill suspected infringers. --Guy Macon (talk) 05:44, 27 October 2018 (UTC)[reply]
Your logical fallacy is: slippery slope. This site is dedicated to copyright violation. It's not about some links to a site that might hypothetically link to another site that violates copyright, it's about direct links to a site whose sole reason for existence is the systematic violation of copyright. Guy (Help!) 10:52, 27 October 2018 (UTC)[reply]
From between the seraphim, JzG has judged the sole reason for existence of a site. Yup, these sites are only for copyright violation. Unless they're also for distributing documentaries and games legally, as I cited above, or more interestingly, for violating censorship not-laws against making a drawing of a gun that someone could use to program a 3D printer. Really, I think the 3D printing business could be Pirate Bay's biggest draw in a few years, because just think of all the stuff various governments will be looking to ban blueprints for. I mean, what if you could 3D print the little plastic thingamajig that is absolutely required to close your microwave door and authorize its electronic Brain to allow you to turn it on and which is designed to break every 3 years to make you buy a new one? Making one the right length with the right curve to fit would violate, oh, patents, design patents, business model patents, and copyrights on their mode of operation, right? Somebody gotta ban it, and it'll turn up on Pirate Bay. Or what if you could 3D print eyeglasses that aren't within the legal range of farsightedness to be sold cheaply on a rack at the drugstore, undermining the doctors' racket? Somebody gotta ban it. Or what if you could make something to bypass location tricking on a fancy new self-driving car and make it visit a location proles aren't allowed to? It would be out and out terrorism! What if you could download a banner opposing fascism or supporting democracy during the key period before the election in Brazil where such content is taken as obviously partisan against Bolsonaro? [3] Obviously gotta ban that, worldwide. So I see potential for all kinds of Illegal Activities On Pirate Bay that don't fall strictly into the realm of copyright violation. Wnt (talk) 12:49, 27 October 2018 (UTC)[reply]
And according to our Sci-Hub article, that website has a significant amount of public domain content that heretofore was hidden behind paywalls. Sizeofint (talk) 17:01, 27 October 2018 (UTC)[reply]

Foundation Legal isn't stopping us from linking, so legality isn't the issue here. To summarize the above discussion, it seems like those opposed to linking are mostly just making moralistic arguments in favor of attempting to police the behavior of our users. If this discussion is indeed such a moral judgement, then I suppose I'd toss my vote in favor. But of course, I was under the impression that Wikipedia is not censored. Benjamin (talk) 08:24, 3 November 2018 (UTC)[reply]

Removing warnings on one's own talk page

One thing that has frequently happened to me is that I would be looking through a user's talk page before giving a warning, lo and behold, they were given a level 4 warning and I didn't know it because they blanked their talk page. It is extremely inefficient to browse diffs to see what warnings they were given. Per WP:BLANKING, people can delete warnings as evidence that they read the warn. I would like to propose a change to that policy that allows users to remove warnings only if the warned user and issuing user come to an agreement or a set amount of time has passed (let's say 6 hours) which allows recent changes patrollers to see if the user is a persistent problem or just a one off incident. Kyle Bryant (talk) 02:31, 17 October 2018 (UTC)[reply]

Wikipedia:Perennial proposals#Prohibit removal of warnings. – Finnusertop (talkcontribs) 10:13, 17 October 2018 (UTC)[reply]
If the WMF wanted to help us with this, they could easily make it so that a person just reading the talk page doesn't see the deleted warnings but a special button makes them visible. They could allow anyone to push that button, only extended confirmed users, or only admins.
I wonder, would a script be able to automate most of the work of searching the history for deleted warnings? --Guy Macon (talk) 10:56, 27 October 2018 (UTC)[reply]
    • Support proposal for button, as the warnings easily get deleted and out of view so making problematic editing situations difficult to judge Atlantic306 (talk)
  • Meh... I don’t find it onerous to look in the talk page history to see if a user has received previous warnings. No big deal. Blueboar (talk) 14:14, 4 November 2018 (UTC)[reply]
  • Oppose; the purpose of a user talk page is to serve as a means of communication with that editor, not as a wall of shame documenting that editor's past mistakes. If the five seconds it takes you to click on "history" is too long for you, you're the one editing too quickly and without due care and attention. ‑ Iridescent 14:26, 4 November 2018 (UTC)[reply]
  • Oppose- If some chucklehead wanders by to plaster a frivolous warning on my talk page, of course I am going to remove it. Reyk YO! 14:33, 4 November 2018 (UTC)[reply]
    Urge to warn frivolously...rising...Deacon Vorbis (carbon • videos) 14:46, 4 November 2018 (UTC)[reply]
  • Oppose because it took all of my stockpile of self-control for the day not to go post a snarky warning on the OP's talk page and therefore it's all Wikipedia's fault I just ate a giant chocolate-chip cookie for lunch. Opabinia externa (talk) 21:37, 4 November 2018 (UTC)[reply]
  • Question, how difficult would it be to just make a user script that looks at the page history and displays a list of warnings, from say the last 2 days, or maybe a configured amount? If possible it would remove the need for policy changes while allowing people who want/need the information to get to it easily. zchrykng (talk) 22:04, 4 November 2018 (UTC)[reply]
  • Oppose, but I would support adding a separate log for user warnings, with a tab visible to admins showing recent warnings to a given user. bd2412 T 22:30, 4 November 2018 (UTC)[reply]
  • Oppose. I can't make much sense of the idea that if I give someone a warning I have to also have a discussion with them and come to an agreement about when they can remove the warning from their page. If I were an asshole, I could withhold that agreement indefinitely just to stick it to them. WP has plenty of assholes. More to the point, if I'm leaving someone a warning, I have way better things to do than have a pointless discussion with them about the archiving of their talk page. Especially since their disagreeableness and inability to work toward compromise with other editors may be the proximal cause of them receiving the warning. In short, WP:NOT#BUREACRACY.  — SMcCandlish ¢ 😼  10:31, 11 November 2018 (UTC)[reply]
  • Oppose - Would create more problems than it solves.
    The script ideas above aren't bad, but how often does a script-qualified editor who doesn't feel strongly about the need devote the time to create a script because there is a consensus among a few people at the Village Pump? I don't know. ―Mandruss  11:21, 11 November 2018 (UTC)[reply]
  • Snow Oppose This would discourage users who get a warning from editing Wikipedia. —Eli355 (talkcontribs) 22:11, 22 November 2018 (UTC)[reply]
  • Comment A separate log containing all warnings, bans, AE sanctions, etc. against a user would be a better solution. This isn't just a user talk issue; when an editor is quite active at noticeboards, it can be difficult to track down a "consider this your last chance" warning, especially when you don't know if it exists in the first place. Even formal restrictions such as topic bans and ibans aren't always documented clearly. –dlthewave 15:26, 23 November 2018 (UTC)[reply]
  • Oppose - Bureaucracy at its most pointy. — Maile (talk) 00:05, 28 November 2018 (UTC)[reply]

RfC on schools' inclusion criteria

Should Wikipedia have one set of criteria about articles on schools up to and including the high school level and a different set for articles on schools of higher education? (I.e. beyond high school, e.g. universities.) -The Gnome (talk) 12:46, 9 November 2018 (UTC)[reply]

Background

This follows a series of discussions and RfCs in other pages, over the years. (See "Links to relevant threads," herebelow.) This RfC tries to take on the issue of school notability and inclusion of schools articles in Wikipedia slowly and piecemeal. It is posted here following the suggestion that the PUMP is the appropriate place for such a broad-policy question. Editors are encouraged to add to the link-sections below if they believe something is amiss.

Links to relevant threads

Links to relevant policies, guidelines, essays

Ping-o-mat

Notifying editors who got involved in past discussions:

Survey

  1. Universities etc: Presumed to be notable
  2. Secondary schools: In some cases (old ..) presumed to be notable
  3. Primary schools: not notable (should be in the article about the administrative unit to which they belong, as well as the not notable secondary schools)
  4. School buildings: if built by some famous architect
The GNG is quite abstract, so there is need for concrete criteria. Per W (talk) 11:10, 11 November 2018 (UTC)[reply]
  • No need, using NORG for both, per Blueboar/Jayron32. I will point out there have been past attempts to have school-specific notability guidelines, but these never gained consensus (per what Per W is describing). --Masem (t) 06:32, 12 November 2018 (UTC)[reply]
  • Uncertain what to use for specific criteria, if any at all other than WP:GNG. I should however note that simply being verified to exist DOES NOT make any educational institution inherently notable enough to warrant a page. We shouldn't presume something is article-worthy just because it's a college/university/school. Perhaps WP:NSCHOOL could make a more explicit note of this. Snuggums (talk / edits) 06:36, 12 November 2018 (UTC)[reply]
  • I'm not sure if we do need a SNG for schools (I'm leaning towards yes), but I'd rather that we don't allow articles on every single secondary school. There has to be a cut-off somewhere. Narutolovehinata5 tccsdnew 06:40, 12 November 2018 (UTC)[reply]
  • Yes schools are not just ORGs they are a special kind of organization that attract articles. Everyone would like to see their high school and University on Wikipedia. Schools tend to produce notable graduates. They are important infrastructure like highways and town councils and they play an important role in building communities. Wikipedia does a public service by covering schools because it allows some verification that people are listing real schools on their resumes and not diploma mills. I believe every legitimate post sec degree granting school should have a page, while high schools and elementary schools should be covered within a page on their school district. If there is no school district (say an independent/private school) high schools should have pages and elementary schools not. I strongly favor a bright line rule like WP:GEOLAND rather than a fuzzy guideline that results in endless debates about the notability of this or that school, how reliable the sources are and so on. Why is school X notable while school Y across town in the same district is not? Sports and crime stories are going to decide notability if we have a fuzzy rule. Legacypac (talk) 06:41, 12 November 2018 (UTC)[reply]
  • "Everyone would like to see their high school and University on Wikipedia". While that may be true for most, I can recall cases at OTRS where teachers have contacted us asking for the article on their school to be deleted because it is a target for vandalism. Just the other day, I removed some highly derogatory content from Berachampa Deulia Uchcha Vidyalaya that had gone unnoticed for more than a year. This is partly why I think we should focus on quality over quantity with schools articles. Cordless Larry (talk) 08:09, 12 November 2018 (UTC)[reply]
  • I lean toward "no need" but am open to being convinced otherwise, mainly because of the years of dispute history involving this stuff. In the views of those who think we need special rules for schools, please explain a) why NORG isn't good enough, and b) why it can't just be fixed in NORG instead of in a probably pointless WP:POLICYFORK that we'd be likely to merge anyway. On the above detailed proposition, I don't agree with Per W's summary. No secondary schools are "presumed to be notable". If one is very old and has a richly detailed RS track record, it is notable because of the RS coverage – it is demonstrated not presumed to be notable. I don't think even universities should be presumed to be notable, since various things call themselves universities that are not one. If something with "College" or "University" or "Institute" in its name turns out to be notable it's because we verified the RS coverage of it and demonstrated it to be notable, not because we presumed it was notable. Mountain ranges and heads of state are presumptively notable because of what they are, of their scope in the grand scheme of things. I agree that primary schools are presumptively non-notable, i.e., that it's going to take really strong RS showing to demonstrate that one is. That said, NORG seems to already have all this covered.  — SMcCandlish ¢ 😼  06:53, 12 November 2018 (UTC)[reply]
    • Comment: Assigning qualitative attributes to higher educational institutions must be the work of sources considered by Wikipedia to be reliable; it's certainly not within an editor's scope of authority since that would be their own, personal judgement. In case no such third-party, independent assessors of higher-education quality exist, we have to decide what to do, in view of what SMcCandlish rightly points out above ("various things call themselves universities that are not one"). -The Gnome (talk) 12:11, 18 November 2018 (UTC)[reply]
      Definitely not an idle concern. I ran into this right before the wikibreak I just returned from (a religious, borderline cult thing that got permission to build a "university" in one country or another, but which is really an indoctrination farm and money-suction device). There is some coverage of it (though probably based on press releases by the religious group and/or the govt. that approved their permits and stuff); an editor unaware of the organization's nature might easily be fooled into assuming it really was an institution of higher learning. This is very similar to all the charter schools being run by for-profit companies, just with a religious instead of commercial focus.  — SMcCandlish ¢ 😼  19:30, 18 November 2018 (UTC)[reply]
  • Clarification:
  1. Universities and colleges: Presumed to be notable
  2. Secondary schools (including defunct institutions): Presumed to be notable
  3. Primary schools: Some AfD's have been ridiculous and overzealous in squashing notability of some lower level schools that have achieved significant coverage. I am frequently astounded at the serial blindness of a certain class of editors who cannot see a long list of sources, obviously achieving the basics of WP:GNG. Instead they only see the hard gospel of a WP:SCHOOLOUTCOMES, with no room for reason.
Because we have that class of editor roaming the back pages of AfDs (looking to cause trouble), we cannot provide them any further ammunition for their arguments. No wiggle room, no further limitations they can misinterpret as an excuse to censor additional wikipedia content. I will note, on the many school articles I have tried to create or improve, I have not found the same consistent set of sources for school information that are available for other common subjects. Government lists are frequently years out of date and incomplete. Many sources are community generated and don't meet the standard of WP:RS. And the best sources for a specific school ultimately resolve back to WP:PRIMARY where your quality and consistency may vary. I know of probably a dozen or more large schools that have no articles and that have been that way for a decade. Why? The sources to create even the most cursory stub just aren't available to me or anyone else who looks. I've personally written to many schools suggesting they write their own article . . . make it a class project. Tell the world the story of your school and find the local sources to back it up. It has worked a few times, but most of the time it is ignored. With that inconsistency of sources, additional limitations to our criteria are not warranted or useful. Trackinfo (talk) 07:04, 12 November 2018 (UTC)[reply]
Please see my comment just above yours. It's highly dubious that any of these things are presumed notable, certainly not below the university level and even that's iffy because not everything with that word in its name is a legit institution. PS: Deletion is not determined by a conspiratorial cabal of roaming troublemakers, but by general community consensus at AfD. If someone makes compelling arguments for deletion and no one can mount a compelling reason to keep then the article should in fact be deleted. You seem to be making an argument against Wikipedia operating the way Wikipedia operates.  — SMcCandlish ¢ 😼  14:26, 14 November 2018 (UTC)[reply]
  • No need A key problem with having different rules for different tiers of education is that the institutions within those tiers differ wildly. For instance, while US high schools seem to be huge, Australian ones tend to be relatively small (hence a major issue I have with editors who argue that high schools are automatically notable - maybe they are in the US, but not in Australia). The size of higher education institutions in Australia varies from about 73,000 students at Monash University to dozens at some private sector tertiary education providers, so obviously the same rules can't apply to all. WP:ORG does a good job, and there's no need to treat educational institutions in a special way. Nick-D (talk) 07:17, 12 November 2018 (UTC)[reply]
  • Please close this before it becomes a huge mess like the last RfC on this issue some things are just best not talked about in a large RfC and are best found out through practice. Divisive issues where massive RfCs have consistently not reached any consensus are one of them. Also, NORG explicitly does not apply to schools as was part of the consensus adopting the new standards. TonyBallioni (talk) 08:38, 12 November 2018 (UTC)[reply]
  • No point. This is a battle that was lost over a decade ago, and the notion that secondary schools of whatever size or importance are exempt from any notability standards or sourcing requirements is about as set in concrete as any COMMONOUTCOME on Wikipedia. Waste of time and breath to hash it out yet again. Ravenswing 08:42, 12 November 2018 (UTC)[reply]
  • No. In actual fact, the criteria we usually use cover (a) primary and middle schools, and (b) secondary schools and tertiary institutions. We usually consider (b) to be notable and (a) not to be. -- Necrothesp (talk) 08:46, 12 November 2018 (UTC)[reply]
@Necrothesp: where are the criteria that are used? --Per W (talk) 12:41, 12 November 2018 (UTC)[reply]
  • No need - Both types of institution should be covered by WP:ORG. But it should be a good idea to get rid of SCHOOLOUTCOMES as it is too often misused as a policy to keep schools, even when horribly written and unsourced. The Banner talk 09:45, 12 November 2018 (UTC)[reply]
  • I agree with TonyBallioni, and I think the specific line he is referring to in WP:ORG is The scope of this guideline covers all groups of people organized together for a purpose with the exception of non-profit educational institutions ... (emphasis mine). Mz7 (talk) 12:34, 12 November 2018 (UTC)[reply]
The problem with that highlighted sentence is that the ORG guideline subsequently goes into some detail about schools... in fact it has an entire sub-section devoted to them... so (despite the highlighted sentence) it is obvious that schools ARE considered within the scope of the ORG guideline. I think that sentence will need to be removed, but that is for another discussion. Blueboar (talk) 17:05, 12 November 2018 (UTC)[reply]
Yeah, point taken. Mz7 (talk) 03:39, 13 November 2018 (UTC)[reply]
  • No per Necrothesp's comments. Over six years ago I perused 100s of high school AfDs which I compiled in an essay and concluded that no matter what anyone ever says and how many RfCs and dramafest discussions we have, verifiable high school articles that aren't just a one-sentence piece of crap are almost ALWAYS kept. --Milowenthasspoken 12:55, 12 November 2018 (UTC)[reply]
Good survey! So a well-written article (with enough verifiable content) about a high school should be kept. Couldn't we then state somewhere that high schools are presumed to be notable? Then we can avoid lots of discussions. --Per W (talk) 14:39, 12 November 2018 (UTC)[reply]
Note that the phrase "presumed to be notable" does not mean "is inherently notable". A presumption of notability simply means we should give a school article the benefit of the doubt... waiting to delete until we have done due diligence in searching for sources (per WP:BEFORE). Blueboar (talk) 17:05, 12 November 2018 (UTC)[reply]
Cordless Larry: See, and that's exactly what I was talking about below, about schools in non-English speaking countries. We delete them because we don't have or can't read the foreign-language sources. But I can guarantee you such schools would have been kept if they were in Anglophone countries. In effect, if we insist on GNG for high schools we are institutionalizing WP:Systemic bias. --MelanieN (talk) 10:07, 13 November 2018 (UTC)[reply]
But if we can't read the sources, then I don't see what we can base articles on. I'm also not sure that the issue is about not being able to read the sources, because we have some regular school AfD participants who have the language skills necessary to read local sources, but rather that the sources often don't exist online, so we can't access them. Cordless Larry (talk) 10:10, 13 November 2018 (UTC)[reply]
Cordless Larry: The only thing I've seen changing is that more articles are being created these days for high schools in far flung non-English speaking places without available online sourcing. Those have always been candidates for deletion. When the "are high schools notable?!?" debate began 15 years ago with the VfD for Union County Magnet High Schools, editors were debating mainstream large American high schools. E.g., Jimbo Wales made the argument in November 2003 that Randolph School could have an article. No one would dream of sending something like that to AfD today. I screenshotted the article deleted via Wikipedia:Articles for deletion/Kishorchak Banamali High School, it was unsourced, there was no option but to delete. If someone wants to spend their time on wikipedia tracking down stubs to Indonesian and Indian high schools without sourcing, they will get them deleted.--Milowenthasspoken 14:01, 13 November 2018 (UTC)[reply]
Yes, true enough about Kishorchak Banamali High School, which was pretty much my argument there too, Milowent. Some editors will still argue for keep even in such circumstances, however - including admins, which worries me. Cordless Larry (talk) 14:39, 13 November 2018 (UTC)[reply]
  • Keep the current understanding: institutions of higher learning (degree granting) and secondary schools (diploma granting) should be presumed to be notable, if there is confirmation of their existence and status. This practice 1) prevents endless arguments because high schools and colleges, like professional sports figures, virtually always turn out in a search to have enough coverage to qualify, and 2) helps to get around our inherent bias against non-English-speaking countries, since even though coverage likely exists, it can be hard to find in the non-English press. MelanieN (talk) 17:24, 12 November 2018 (UTC)[reply]
  • Keep as is. Agree with MelanieN on all issues. In fact I'd like to take her comment above and frame it somewhere. Hobit (talk) 18:08, 12 November 2018 (UTC)[reply]
  • Different set (NOT NORG) - Secondary schools and definitely accredited universities should be presumed notable status. Classifying them in with WP:NORG is wildly OTT and also sets them a higher level of standards to meet when the circumstances for those stricter requirements is less likely to occur. I haven't marked this as "Keep" like MelanieN since there is such disagreement as well as partial rollback from this position that "Keep" is itself a level of dispute. Nosebagbear (talk) 18:21, 12 November 2018 (UTC)[reply]
  • No – GNG suffices. Nothing should be 'presumed' notable. If it doesn't meet GNG, it doesn't belong on Wikipedia. RGloucester 03:33, 13 November 2018 (UTC)[reply]
On the contrary, there are many traditional and accepted special guidelines at enwiki that define notability in ways other than GNG - for example, WP:NACADEMICS. This is not a new or startling concept, it is long-established practice; see WP:SNG. There are many special guidelines for specific categories of article that "presume notability" if certain criteria are met - for example, playing a professional sport at the highest level. The rationale behind this presumption is that such people will virtually always be found to have received coverage that meets GNG, so let's just accept that and not get into thousands of individual arguments about it. The nutshell at WP:NSPORTS spells it out very clearly: "An athlete is presumed to be notable if the person has actively participated in a major amateur or professional competition or won a significant honor, as listed on this page, and so is likely to have received significant coverage in reliable secondary sources that are independent of the subject." That is also the rationale behind presuming notability for high schools and colleges. --MelanieN (talk) 09:59, 13 November 2018 (UTC)[reply]
Did you ever consider that perhaps I do not agree with the way such guidelines are used? I'm being asked this question in the context of schools, and in the context of schools, I do not believe anything other than GNG is required. We can discuss sport when someone opens an RfC on that subject. If a school does not meet GNG, it does not need a Wikipedia article. Wikipedia is not a directory. In any case, like others here, I would also be satisfied by bringing schools formally under WP:ORG, if that's preferable. RGloucester 15:30, 13 November 2018 (UTC)[reply]
Um... folks... Schools already ARE covered formally under WP:ORG... See WP:NSCHOOLS. Blueboar (talk) 16:04, 13 November 2018 (UTC)[reply]
It seems somewhat ambiguous at the moment, given the "exception of non-profit educational institutions" caveat in the lead. What I meant is that I'd be fine with clarifying WP:ORG to the effect above. RGloucester 16:21, 13 November 2018 (UTC)[reply]
For the sports-specific notability guideline in particular, it does not define notability in a way other than the general notability guideline. It provides guidance on when it is highly likely that the general notability guideline can be met with a sufficient search for suitable sources. It was discussed last year in this venue, and the closing statement once again affirmed this in the context of WP:NSPORTS (as has been discussed many times since, the closing statement overstepped in its broader conclusions for all subject-specific notability guidelines). isaacl (talk) 17:13, 13 November 2018 (UTC)[reply]
That's correct, and also applies to virtually all other SNG (subject-specific notability guidelines). There are a handful of divergent ones, like WP:NACADEMIC, and the level of consensus they enjoy is disputed. For the record, I think we need them in some cases when facts about the real world make it otherwise more difficult to have the articles we need – e.g. the fact that mega-influential scientists in their field often get no mainstream news coverage of any kind, just get cited thousands of times by other researchers. But it's a rare divergence from GNG. It will take a lot of community input to figure out whether such a variance should apply to a topic, and will require a community consensus that something is quite different about that topic. We've been over schools so many times I don't think consensus is likely to change in favor of doing so. They aren't different in any salient way from other organizations, other than they inspire some Wikipedians to consider them "important". (Anyone new-ish around here: see WP:Notability/Historical and WP:ITSIMPORTANT for how "include it because it's important" has been received by the community for the last decade and a half.)  — SMcCandlish ¢ 😼  12:56, 17 November 2018 (UTC)[reply]
  • Yes: Need separate standards to facilitate discussion and consensus - Many of the comments above don't answer the question being posed, namely, whether there should be separate standards for high schools and post-secondary institutions. I think there should because it will facilitate a more focused discussion. Even those who think that WP:NOTABILITY, WP:ORG and other guidelines adequately cover the field should recognize that others disagree and have reasons for that disagreement. Those reasons (and the objections to them) are, I think, different for high schools and universities, and it would be helpful to discuss them separately, acknowledging (at least) the possibility of different guidelines for each. My (admittedly brief) involvement and review of past attempts to reach consensus makes it clear that the differences make discussing any particular proposal more difficult. Federalist51 (talk) 21:36, 14 November 2018 (UTC)[reply]
  • Comment There may be some validity to "schools being an important part of the infrastructure". However living in Detroit, Michigan I live in a place where there have been several fly-by-night charter high schools, so I am less convinced than some that all schools that are at the high school level are notable. I also have seen way too many articles that have only been sourced to show a place exists survive on the theory better sources could be found, while no one even tries to find such sources. We need much clearer policies. John Pack Lambert (talk) 05:22, 16 November 2018 (UTC)[reply]
    Agreed on both points. We have no policy or guideline suggesting that schools of any kind are presumptively notable, and a clear guideline (WP:NORG#Schools) stating the opposite, yet some AfD respondents persist in trying to presume their notability.  — SMcCandlish ¢ 😼  12:56, 17 November 2018 (UTC)[reply]
  • No need for yet more bureaucracy and instruction creep and oppose the desire and intent to override clear consensus at AFD by shovelling on more and more red tape Atlantic306 (talk) 17:30, 17 November 2018 (UTC)[reply]
    If, instead of vagueness, some kind of "clear consensus" exists either way, it would be most helpful for the conduct of AfD participants, as well as for this RfC's progress, to have hard, arithmetical data. -The Gnome (talk) 12:01, 18 November 2018 (UTC)[reply]
Of what? There's no doubt that we have a clear consensus; it's codified at WP:NORG#Schools. This rehash is just another thing that needs to be listed at WP:PERENNIAL.  — SMcCandlish ¢ 😼  19:36, 18 November 2018 (UTC)[reply]
Atlantic306 claims that there is "clear consensus at AfD" (emphasis added), but this is precisely the root of the problem. Although WP:NSCHOOLS seems adequately clear (it's not entirely clear, since it asks for A or B or A&B), the recent historical record in AfDs shows that decisions can go, actually, every which way depending on who takes part in each discussion, what is the subject's nationality, etc. And this is how and why the quest for clarity started. The background is in the links in the Relevant Threads section above. It all has come down to whether or not the criteria should be the same for both high schools and colleges of any kind. And here we are. -The Gnome (talk) 13:59, 19 November 2018 (UTC)[reply]

General discussion

Greetings, Izno. I'd appreciate any help from anyone in fixing this. I should note here that these were not pings per se but mere full-style usernames. Perhaps that helps. Thanks in advance. -The Gnome (talk) 14:02, 9 November 2018 (UTC)[reply]
Linking to userpage is a ping, the above did not go through because the count is above 50. Instead of trying to fix that I would advise to just remove the section, it's unnecessary. –Ammarpad (talk) 14:27, 9 November 2018 (UTC)[reply]
Would it work to break the list into smaller groups of pings? Blueboar (talk) 15:08, 9 November 2018 (UTC)[reply]
Yes, but even then not in one edit. Each smaller group if they'll add up beyond 50 in one edit, it won't work. My rough count shows there's around 120 editors above; so you can ping batch of 40 in 3 separate edits. –Ammarpad (talk) 15:25, 9 November 2018 (UTC)[reply]
Thanks, all. I'll get to it. Take care. -The Gnome (talk) 07:03, 10 November 2018 (UTC)[reply]
Sad to say, that probably didn't work. Each edit has to be signed - see WP:PING Note that the post containing a link to a user page must be signed; if the mention is not on a completely new line with a new signature, no notification will be sent. (Multiple mentions on the same new line with new sig are fine.) 92.19.25.230 (talk) 22:05, 10 November 2018 (UTC)[reply]
Thank you, 92.19.25.230. I did the multiple, signed edits. Take care. -The Gnome (talk) 06:28, 12 November 2018 (UTC)[reply]
Ammarpad, IMVHO the issue is quite important and participants in past discussions on it should be informed of this RfC's opening. Take care. -The Gnome (talk) 07:11, 10 November 2018 (UTC)[reply]
The Gnome's ping worked that time 8 mins ago. Graeme Bartlett (talk) 06:33, 12 November 2018 (UTC)[reply]
Thanks for the confirmation, Graeme Bartlett. -The Gnome (talk) 10:27, 12 November 2018 (UTC)[reply]
I don't know if all the pings worked (I was notified) I just think you should have called it pingamajig. Ivanvector (Talk/Edits) 10:33, 12 November 2018 (UTC)[reply]
Noted for next time, Ivanvector! -The Gnome (talk) 13:13, 12 November 2018 (UTC)[reply]
  • An obvious thing, maybe, but if language is changed, we need grandfathering of existing school articles, giving them, say, 2-3 years of time before they are treated under NORG/GNG under this potential change. --Masem (t) 17:13, 12 November 2018 (UTC)[reply]
Indeed, 24 months is probably the way to go. My heart bleeds at the thought of having a deluge re-enter AfD. Nosebagbear (talk)
  • What is the driver in this discussion? What is the problem if a few less notable schools are included - are the servers running out of space? Policies and uniformity should support and enhance the information in the encyclopaedia, not reduce it. As a final aside; when I see the acres of text devoted to arguing fine (if not irrelevant) points I do wonder if the time could not have been better spent working on articles. Martin of Sheffield (talk) 08:31, 13 November 2018 (UTC)[reply]
Greetings, Martin of Sheffield. Wikipedia's policies and guidelines are evidently not driven by web space availability; otherwise, we would have significantly fewer rules and guidelines. The "driver" of this discussion is quite clear, as one could see by diving into past discussions on the issue, linked above. Take care. -The Gnome (talk) 09:44, 13 November 2018 (UTC)[reply]
You haven't explained why you feel the need to remove information though. It reads as if you are just trying to establish rules because you believe there need to be rules. Quoting conflicting policies as if they were reasons appears on the surface to indicate a bureaucratic rather than encyclopaedic approach. I would suggest that a better approach is only to disallow that which harms the encyclopaedia, and I have yet to be convinced that a few lines about an otherwise obscure school (which will of course be notable to many thousands of present and former pupils, parents and teachers) harms the encyclopaedia. Verifiability is important as a safeguard of our credibility but notability is a subjective assessment. Martin of Sheffield (talk) 10:02, 13 November 2018 (UTC)[reply]
Greetings, Martin of Sheffield. I did not express any kind of "need to remove information." Where do you get that? (If what you say comes from a hard inclusionist perspective I will not entertain it much, thank you. It simply does not pay to argue with editors who insist that all information has a place in Wikipedia, e.g. "Come on, some stub article about a non-notable subject does not harm the encyclopaedia".) But, more importantly, if the policies are indeed "conflicting", as you say, isn't this a reason to resolve the conflicts and get clarity? -The Gnome (talk) 05:51, 16 November 2018 (UTC)[reply]
  • This is a perennial subject of discussion, and has been for a decade or more. Looking at the list above I see that it has been discussed at least three times in the last year, and this is a fourth. In one of those discussions, namely this one, the closers decided that even though the opinions for-and-against NSCHOOLOUTCOMES were about equally balanced numerically, the conclusion was to overturn that longstanding practice. Then people seized on that one (out of dozens) discussion and its barely-supported* conclusion to change the wording at various guidelines to say that, hey, secondary schools aren't presumed notable after all. Looking at the discussion here, I see that opinion is still about evenly balanced, and that many/most of us were not even aware that the longstanding guideline had been overturned on the basis of one RfC. This is immensely frustrating. How are those of us who care about this supposed to keep up? I wouldn't have known about this discussion, either, except for the ping-o-mat kindly sent out above (thank you, The Gnome). --MelanieN (talk) 10:33, 13 November 2018 (UTC)[reply]
*Quoting from the closure: "Based on the discussion, we find that the community is leaning towards rejecting the statement posed in the RFC, but this stops short of a rough consensus. Whether or not the community has actually formed a consensus to reject the statement posed in the RFC is a distinction without a difference." --MelanieN (talk) 10:45, 13 November 2018 (UTC)[reply]

Small logos and svg

Sorry to bring this up again, but I never got a good answer the many times I asked:

We upload a logo. It is too big. We reduce it to something like 200x200 so nobody can use it commercially. Then someone tags it for conversion to svg. That format allows it to be any size, high quality, highly reproducible.

Is there a link to the discussion that makes sense of this? Thanks. Anna Frodesiak (talk) 11:45, 12 November 2018 (UTC)[reply]

I don't think anything has changed since you asked this question in 2015 at Wikipedia:Village pump (policy)/Archive 119#Non-free image resolution.
A summary, for those seeing this for the first time: Non-free SVGs have long been a point of contention, and I'm not aware of any past conversations that have reached a firm consensus. Some past discussions include:
There are generally three factions in such discussions:
  1. Non-free vector images are ok as long as they don't contain detail that isn't needed to render at appropriate sizes.
  2. Non-free vector images are never ok because simple shapes (such as circles) can be rendered at arbitrary sizes without pixelization artifacts.
  3. Non-free vector images are only ok if they were created by the copyright/trademark holder, even if the editor-created SVG generates an image indistinguishable from the official logo when rendered at appropriate sizes.
I subscribe to the first view, and IMO that's the view that mostly has consensus. HTH, although I suspect it doesn't help all that much. Anomie 14:00, 12 November 2018 (UTC)[reply]
The way NFC had treated these is that the only allowable SVG that are non-free are logos in SVG or equivalent form (like EPS) publicly made available by the company/entity that would have appropriate ownership of that label (for example, a parent company with a subsidiary's logo). The rationale for this is that normally non-frees must be of small resolution, so SVG is already an incompatible format with that. But if an entity publishes its logo in an SVG format, we have allowed that to be uploaded and used as logos. We do not allow any other recreations of non-free logos into SVG from a non-SVG format, so anyone asking for a conversion of a logo to SVG should be immediately denied due to this. Recreations can introduce elements that were not a part of the original logo or mis-represent the logo, and that's a problem. (That's why it's okay with those logos that fail to pass the threshold of originality and fall into uncopyrightable, because their reproduction should not introduce any misrepresentation). --Masem (t) 14:40, 12 November 2018 (UTC)[reply]
I was trying to head off another round of everyone just repeating what they always say... Sigh. Anomie 03:32, 13 November 2018 (UTC)[reply]
Masem's summary of the NFC take (assuming it's accurate :-) is actually helpful for anyone not already mired in that discussion.  — SMcCandlish ¢ 😼  11:54, 17 November 2018 (UTC)[reply]
As far as I know Masem's view is just another view, which I had already summarized as #3. As for an "NFC take", the only thing I see on WP:NFC is concern about taking a vectorized logo from a third-party site because that might be subject to two copyrights (on the image itself and on the SVG "code"). It says nothing about editor-created vector images with any potential "code" copyright explicitly released as PD or licensed under a free license (which, technically, may be freer, like a freely-licensed photo of a copyrighted sculpture versus a non-free photo by the sculptor), and says nothing about any concern over recreations "introduc[ing] elements". Anomie 13:50, 17 November 2018 (UTC)[reply]
Didn't follow the whole thing, and I don't particularly care how it's resolved, but how about non-free SVGs are converted to low-res PNGs? Much like a lot of free PNGs are converted to SVGs? Headbomb {t · c · p · b} 14:36, 17 November 2018 (UTC)[reply]
FREER (which you mentioned) is meant to capture what I've described. The only thing it really doesn't say is about that this use of SVG should only be for logos, no other non-free SVG is allowed. --Masem (t) 15:56, 17 November 2018 (UTC)[reply]

Thank you all for the comments. I know I've been a bit slow to understand this. Actually, I still do not. Perhaps an individual case will help me. What about this image: File:UofTsystem seal.svg

Thanks, and thanks for your patience with me. I'm really struggling to understand. :) Anna Frodesiak (talk) 21:56, 17 November 2018 (UTC)[reply]

Anyone? If I uploaded a png of File:UofTsystem seal.svg that was 400x400, it would be fuzzy and unusable commercially, and it would be tagged for reduction to 200x200. So, is pretty darn sharp File:UofTsystem seal.svg, not only allowed, but someone spent time replacing the old fuzzy with that one. None of this makes sense to me. Anna Frodesiak (talk) 06:17, 18 November 2018 (UTC)[reply]

Oh, and what's the point of svg? To save server load? Well, we have tons of photos in articles. What's a 200x200 photo to a server? And this conversion takes time for users to do. Plus, they are commercially usable. We waited years for a freebie of Kim Jong Un because of non-free rules. Now we have zillions of high res svgs. And this has been going on for years without getting sorted out.

Anna Frodesiak (talk) 06:19, 18 November 2018 (UTC)[reply]

It has nothing to do with file space, but by non-free policy. SVGs are scalable vector graphics, meaning they could have infinite resolution. We can force a resolution by converting it to a PNG or other image format of a specific size, but we cannot convert a PNG back to a SVG as that conversion is lossy in that fashion, outside of actually recreating the SVG from drawing over the PNG, but that's a step we do not allow. We do not want editors using non-free SVG in general due to the infinite scaling factor, but we have exceptional cases for logos of an entity provided by that entity. --Masem (t) 07:01, 18 November 2018 (UTC)[reply]
Hi Masem. I think I understand. So, the only svgs we have are ones provided by the organizations? Anna Frodesiak (talk) 20:59, 18 November 2018 (UTC)[reply]
According to Masem. As far as I know there has never actually been consensus on that. Anomie 21:54, 18 November 2018 (UTC)[reply]
"Resolution" of an SVG makes about as much sense as asking about the pixel size of an audio file or a text excerpt. Anomie 21:54, 18 November 2018 (UTC)[reply]
For audio files we also look at things like encoding quality (and why we use both an open source encoder and require that be set at very lossy settings for non-free files). The resolution of SVGs is infinite, which is a problem for when we seek low resolution non-free. --Masem (t) 05:43, 19 November 2018 (UTC)[reply]
You appear to have completely missed the point. Anomie 12:26, 20 November 2018 (UTC)[reply]
Where the graphic being represented can be defined entirely mathematically, agreed the concept of resolution is irrelevant. In cases where the underlying graphic was, say, hand-drawn and then traced to create the SVG, there can be a resolution beyond which the SVG will no longer accurately represent the original. isaacl (talk) 23:06, 20 November 2018 (UTC)[reply]

Baidu Baike is NOT a Reliable Source

I am a Chinese Wikipedian and I find that in English Wikipedia there are a number of articles about Chinese people and firms citing Baidu Baike as reference. Though many about China can be found on Baidu Baike, which is much "larger" than Wikipedia considering NUMBERS of items included, in fact, Baidu Baike itself is thought to be unreliable in China so that in Chinese Wikipedia it hasn't and will never appear in reference lists. Citing Baidu Baike is no better than citing Wikipedia.

I suggest not using Baidu Baike as a reference anymore. GnolizX (talk) 05:04, 13 November 2018 (UTC)[reply]

@GnolizX: Welcome to the English Wikipedia. From my understanding, Baidu Baike is a user generated source, which our reliable sourcing guidelines already recommend not using. That said, the English Wikipedia is too large for anyone to properly monitor, so new users do sometimes add it without knowing about our reliable sourcing guidelines. Ian.thomson (talk) 05:11, 13 November 2018 (UTC)[reply]
Then what to do with those articles having already cited Baidu Baike? Will there ever be a robot that can automatically remove the Refs? Just search "百度百科" and we'll get lots of articles with this problem. This is much more terrible because these pages may later be translated to other languages. GnolizX (talk) 05:29, 13 November 2018 (UTC)[reply]
If there is a consensus that they are all without exception damaging and useless, you could ask addition to the MediaWiki:Spam-blacklist. Jo-Jo Eumerus (talk, contributions) 07:11, 13 November 2018 (UTC)[reply]
But exception exists, for example, Baidu Baike is cited in Baidu Baike to explain its policy. GnolizX (talk) 08:36, 13 November 2018 (UTC)[reply]
Exceptions can be made for specific addresses. Citing Baidu on its own article about its own policy would be an acceptable use and would qualify for an exception. Only in death does duty end (talk) 19:15, 13 November 2018 (UTC)[reply]
There are currently 2928 pages on English Wikipedia linked http://baike.baidu.com pages and also 643 pages linked https://baike.baidu.com pages according to Special:LinkSearch although a few of them are user pages or talk pages, or as an intermediate source for fair use images source. Someone probably needs to check all 3500 of them and remove most of them. Amazingly someone linked it as source on reference desk. C933103 (talk) 07:38, 13 November 2018 (UTC)[reply]
Yeah what an amazing number.... So the next step is, that all the 3500+ pages need to be checked... by human beings??? GnolizX (talk) 08:18, 13 November 2018 (UTC)[reply]
The number is closer to 1900 in mainspace. You can make a WP:Bot request to remove uses. I think there is at least one bot that will do it.
There are at least 600 other pages which reference baidu.com also which may not be appropriate, as from my review of Baidu the company does not much reliable to say--but that would definitely need human review. I would support blacklisting the domain given the quantity. --Izno (talk) 16:59, 13 November 2018 (UTC)[reply]
The links should not just be removed, but instead replaced by other references to support the statements in the articles. If the statement is untrue, then it should be removed along with the bad reference. Graeme Bartlett (talk) 23:29, 13 November 2018 (UTC)[reply]
When I have done this previously for what was a patently unreliable source, I simply replaced the offending ref with {{cn}}. --Izno (talk) 23:44, 13 November 2018 (UTC)[reply]
We have a page somewhere for listing unreliable sources that are also popular magazines and websites. I think it's also used for generating blacklist entries.  — SMcCandlish ¢ 😼  14:23, 14 November 2018 (UTC)[reply]
Part of the problem is it can be difficult to know what exactly is being supported by this unreliable source - for example in Second Sino-Japanese War it is one of nine! references supporting the fact that the Republican Chinese employed suicide tactics against the Japanese - it takes someone who can look at the sources, most in Chinese, to see what can be kept and what removed. Nigel Ish (talk) 22:40, 17 November 2018 (UTC)[reply]

Baidu Baike is a phenomenally lousy source and should never be allowed here. It is a wiki and where the content there is sourced, the sources are often rubbish. Maybe blacklisting it should be considered.

Can we have a bot replace <ref>https://baike.baidu.com/item/cat</ref> with {{cn}} or some other solution? Anna Frodesiak (talk) 22:03, 17 November 2018 (UTC)[reply]

Hi Ian.thomson. I suppose so. What should we do? Anna Frodesiak (talk) 06:17, 18 November 2018 (UTC)[reply]
  • For other baidu URL, hi.baidu.com is an IM tool with blog which is usually not a reliable source, post.baidu.com and tieba.baidu.com is an online forum which are also not a reliable source, baijiahao.baidu.com is a self-publishing platform which is mostly not a reliable source (note that it might also be used by some organization/etc.), and wenku.baidu.com is a document sharing platform (source might be reliable if the citation format is changed to cite a proper URL) C933103 (talk) 08:16, 18 November 2018 (UTC)[reply]

I started a post here at RSN. I suggest we hat this to prevent the discussion from taking place in two places at once. Anna Frodesiak (talk) 21:09, 18 November 2018 (UTC)[reply]

"Increase" and "Decrease" in rank.

As discussed in Template talk:Infobox website#AlexaRank, currently some Wikipedia use "decrease" to indicate improvement in rank. For instance, if a website was previously ranked #10 in certain ranking, and it now becomes the #1 site in the world, then editors would put a Positive decrease symbol next to the rank to indicate its ranking has been "decreased" from #10 to #1. However to me it seems like the interpretation doesn't make sense, as the ranking of the website was actually increased from the #10 to #1. Wouldn't it be better to use the Increase symbol to show the website gained places in ranking? C933103 (talk) 07:26, 13 November 2018 (UTC)[reply]

Why not simply use “rise” and “fall”? Blueboar (talk) 12:27, 13 November 2018 (UTC)[reply]
The OP is saying that it's counter-intuitive to indicate an improvement with a "down" arrow. I would tend to agree. Not sure whether this qualifies as forum shopping, maybe a discussion notice here would have been better? ―Mandruss  13:12, 13 November 2018 (UTC)[reply]
Strongly concur with C933103 and Mandruss. Furthermore, this is against MOS:ICONS. We never use icons in ways that can be misleading to readers.  — SMcCandlish ¢ 😼  14:20, 14 November 2018 (UTC)[reply]
Yeah it would probably be better to link the discussion back from the original talk page so that the discussion would be linked to anyone who is interested. The lack of people to discuss the matter (as well as actually talking about what can be done) on the template talk page was the reason for me to start this section to talk about this issue here. C933103 (talk) 16:35, 20 November 2018 (UTC)[reply]

"High rank" means a small number, and "top rank" means the first in rank. --NaBUru38 (talk) 20:31, 16 November 2018 (UTC)[reply]

Transcluding article content into other articles

At Joseph Gordon-Levitt part of the Hitrecord section is transcluded from another article. Something similar happens at Transgender#Scientific studies of transsexuality. I had never come across this before in article space. There is a help page Wikipedia:Transclusion, which mentions the Gordon-Levitt article as an example. There are also templates Template:Transcluded section (links 735 articles [4]) and Template:Transcluding article (links 11 articles [5]) so it is used somewhat. Zinc is a featured article and uses it for the common cold section. It seems odd and while I would enjoy using it to keep consistency in articles from areas I edit I think it could have some drawbacks. It makes the assumption that the content should always exactly match the transcluded article and makes editing the target sections difficult. It also means that changes made to another article would affect an article you watchlist without notifying you. There may be others too. I am curious as to whether there are any guidelines or policies to using this technique or if it is just used so little that most editors are, like me until now, unaware that it was viable. AIRcorn (talk) 09:01, 13 November 2018 (UTC)[reply]

Transclusion is heavily used in entertainment-related articles. For an example see MOS:TVOVERVIEW in the guidelines for writing about television programs: If a separate List of episodes article exists, the series overview table should be presented at the top of that article below the lead, in a section labeled "Series overview", then transcluded to the episodes section at the main article. This sometimes leads to problems with references, if named references are used but the full reference is not in the transcluded section. StarryGrandma (talk) 20:48, 13 November 2018 (UTC)[reply]
In general I don't think it is a good idea due to the problems mentioned above, and the confusion it causes to editors. However I don't think we need a policy to support or preclude it. Using templates transcluded into the two articles seems better than transcluding one into the other. This will prevent edits on one article trashing the other. Graeme Bartlett (talk) 23:33, 13 November 2018 (UTC)[reply]
Thanks for the replies StarryGrandma and Graeme Bartlett. Sorry it took so long for me to get back to this. I am assuming this is a case-by-case situation at the moment. I may look at editing or discussing options at Wikipedia:Transclusion as I feel it needs something a bit more concrete about when and how to use it. The Gordon-Levitt example in particular looks like a very poor use and when combined with the strange passive ownership hidden text it is probably detrimental to improving the article. I also find the TV overview use a bit strange. I could understand transcluding for rapidly changing information that needs to be presented on multiple pages, but at best you are looking at one update a year for most TV shows. Anyway it is good to know there isn't much in the way of existing policy that needs to be negotiated first in this area. AIRcorn (talk) 21:44, 21 November 2018 (UTC)[reply]

Please comment at the RFC. Headbomb {t · c · p · b} 17:45, 14 November 2018 (UTC)[reply]

MILHIST guidance pages

A discussion is currently underway at Wikiproject Military History concerning guideline status of the MILHIST Content guide and Notability guide. –dlthewave 21:43, 15 November 2018 (UTC)[reply]

Single use templates

There is a discussion over at WT:Template namespace § Single use template that would probably benefit from broader input. Anyone here is welcome to contribute or advertise it more broadly. Or you can ping me and let me know where else I should put a notice. Thanks, and happy editing. YBG (talk) 23:05, 15 November 2018 (UTC)[reply]

Proposal/RfC: Should we allow WP:PROD in the draftspace?

The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.


After what is turning out to be an unsuccessful proposal at Wikipedia talk:Criteria for speedy deletion#Proposal/RfC - Extend WP:U5 to the draftspace, I have come up with something new. I reckon that we should allow proposed deletions in the draftspace. This will ensure that things like WP:NOTESSAY, WP:NOTWEBHOST and WP:NOTHOWTO trash can be PRODed instead of having to go into WP:MfD. Also, WP:PROD has a seven-day wait most of the time before the page is deleted so it can mean that things can be deleted after seven days with proposed deletions in the draftspace without having to go to WP:MfD for basic things like WP:NOTESSAY, WP:NOTWEBHOST and WP:NOTHOWTO which have no chance and obviously will get deleted. Pkbwcgs (talk) 16:23, 16 November 2018 (UTC)[reply]

  • Correct me if I'm wrong but didn't we have that discussion already fairly recently? Regards SoWhy 16:58, 16 November 2018 (UTC)[reply]
  • Oppose - Nobody watches drafts aside from the page creator in the vast majority of cases, so if they're inactive in those 7 days, this is basically just an easy all-purpose deletion timer. There's already an issue with our existing policies and guidelines being pushed too far and blatantly misapplied. PROD has even less oversight than CSD or MfD, because in CSD an admin is responsible to make sure it qualifies; PROD is just a countdown. The fact remains that almost nobody will ever see a page in draftspace, so there's little urgency to delete edge cases (those which aren't obviously problematic enough to qualify for existing CSD). As I said in my opposition to the other proposal, the benefit to deleting drafts that aren't obvious candidates for CSD is minimal (which isn't to say non-existent), but far, far less benefit than deletion of a problematic mainspace page. On the other hand, the potential damage to new user experience is the same. — Rhododendrites talk \\ 17:03, 16 November 2018 (UTC)[reply]
  • Oppose per Rhododendrites, especially on the point of user experience. Also would like to add that no draft that is not accepted at AfC has any chance ever, as they all get cleaned out after 6 months by G13 anyways. I don't understand the need to proliferate redundant deletion mechanisms. A2soup (talk) 18:29, 16 November 2018 (UTC)[reply]
  • Oppose per Rhododendrites and A2soup. WP:NOTESSAY and WP:NOTHOWTO are subjective and not everything that could be deleted that way should be - they could be fixed, or moved to user, help or project space (depending on subject). The problems with using WP:NOTWEBHOST as a deletion criterion have been explained to you at length in the CSD proposal and you've seemingly either not listened or not understood. Vandalism can and should be speedily deleted under criterion G3 and spam can and should be deleted under criterion G11 - as repeatedly explained in your previous proposal. One of the major failings of that proposal was a lack of demonstrated need, and you've not even attempted to demonstrate the need for this one either. Thryduulf (talk) 18:32, 16 November 2018 (UTC)[reply]
    • We need this so that instead of taking drafts that can be obviously deleted to WP:MfD and flooding it, a PROD tag can be applied and it can be deleted after seven days. We are talking proposed deletion which isn't speedy deletion. The seven days also give time to the creator to address the problems of the draft and if the creator wants to improve it, the PROD tag can be removed. Pkbwcgs (talk) 18:58, 16 November 2018 (UTC)[reply]
      • Say, for example, that you have a draft that is clearly WP:NOTESSAY but not covered by existing CSD criteria. Either the creator is interested in keeping the draft or the creator is not interested in keeping the draft. If the creator is interested in keeping the draft, they will remove your PROD tag and MfD will be necessary if you wish to seek deletion (personally I think we should let such drafts stick around, but that's a different question). If the creator is not interested in keeping the draft, it will be deleted per G13 in 6 months anyways. The only function of your proposal is to accelerate the G13 timeline. This is 100% redundant and therefore WP:CREEP, and also the RfC that created G13 clearly showed no consensus for a shorter timeline. A2soup (talk) 19:10, 16 November 2018 (UTC)[reply]
        • G13 is for any draft that has not been edited for six months or more. This is not how PROD will work so it is not redundant and PROD can be declined by any admin if there is no valid reason for deletion. Just because a draft is declined, it doesn't mean that a PROD tag should be added. This is not how this proposal works. For example, if you see a homework assignment in the draftspace, then a PROD tag can be added instead of taking it to MfD and it should be deleted that way. Pkbwcgs (talk) 19:18, 16 November 2018 (UTC)[reply]
  • Oppose per my more eloquent colleagues. ~ Amory (utc) 19:01, 16 November 2018 (UTC)[reply]
  • Oppose. This would serve no purpose whatsoever. A draft that is not defamatory, a copyvio, or otherwise a speedy case, can sit in draftspace forever, provided it is worked on from time to time. The reason for this is that it is possible that it might eventually be improved enough to merit being an article. The rule allowing for deletion of abandoned drafts already works with respect for those that are not improved. bd2412 T 19:32, 16 November 2018 (UTC)[reply]
  • Comment I've in the past supported DraftPROD, but someone else made the point that a DraftPROD would get even less oversight, i.e. traffic, than mainspace PRODs. The underlying problem here is the sheer amount of garbage in draftspace, the overfilling of MfD with junk drafts, and the problems existing with the G13 criterion. For that reason I would be against a DraftPROD, per se, but would support Draft-specific CSD. PrussianOwl (talk) 21:26, 16 November 2018 (UTC)[reply]
    • @PrussianOwl: I'm not convinced that MfD is being overfilled - almost all of what was there from draftspace was either not uncontroversially supported for deletion or being deleted for subjective reasons, both of which are incompatible with any form of CSD. Indeed in all the recent discussions nobody has even attempted an objective definition of "junk" or explained why waiting for G13 is actually problematic. Thryduulf (talk) 22:00, 16 November 2018 (UTC)[reply]
      • "Junk" is basically the useless stuff that lies in the draftspace like WP:NOTESSAY and WP:NOTWEBHOST stuff that is a waste of time for AfC reviewers to have to go through and has no chance of improvement. This also applies to homework assignments which I have seen quite a few of in the last couple of days. It's the stuff which floods pending AfC drafts everyday which is literally a waste of time to go through and the worst thing is that it is even more of a waste of time for those useless drafts (or "junk") to be re-submitted again and again. I will still keep the RfC open for the new draft-specific CSD but this is another idea if the other doesn't succeed. However, by the looks of it, both won't succeed. An AfC reviewer can spend time better look into a draft which looks promising and the creator is willing to spend rather than "junk". Pkbwcgs (talk) 22:31, 16 November 2018 (UTC)[reply]
        • That's a definition of junk but it doesn't even approach being an objective one. NOTESSAY and NOTWEBHOST are subjective guidelines, "useless stuff", "waste of time", "no chance of improvement" are all inherently subjective on their own let alone when sat on top of one another. Homework assignments come in many, many different forms some blindingly obviously not encyclopaedia material but some that could easily become so, meaning it's not a useful criterion for this. Thryduulf (talk) 01:12, 17 November 2018 (UTC)[reply]
  • Support as a step in the right direction. What we need is for deletion in draftspace to operate using meaningful criteria rather than the delete-everything-after-six-months logic. – Uanfala (talk) 01:21, 17 November 2018 (UTC)[reply]
  • Oppose another deletionist proposal. It's the thin end of the wedge for those who want to delete the entire wiki! OK, that was silly, but generally speaking there is no benefit to moving further in the deletionist direction. Jack N. Stock (talk) 01:31, 17 November 2018 (UTC)[reply]
  • Oppose Draft space is a safe place to incubate drafts - I don't have any problems in theory with expanding the type of things which can be speedy deleted in draft space, but PROD for any draft article would invite disaster IMO. SportingFlyer talk 01:48, 17 November 2018 (UTC)[reply]
  • Oppose - the draft is supposed to be a building space - so of course articles frequently won't be appropriate. Additionally, since it's not an article usually the only watchlisted editor is the creator. What if they don't log-in for a week? Not to mention how overwhelmed a DraftPROD would be - the drafts would never get a fair glance at. Nosebagbear (talk) 10:46, 17 November 2018 (UTC)[reply]
  • Oppose yet more bureaucracy, no need for quick removals from draftspace where they are supposed to be given more time for development and the poor content is out of view of most of the public Atlantic306 (talk) 17:36, 17 November 2018 (UTC)[reply]
  • Oppose for basically the same reasons I opposed the U5 extension. If G10, G11, or G12 doesn't apply, then there's absolutely no reason not to leave stuff in draftspace until the G13 clock eventually rolls around. Nathan2055talk - contribs 20:27, 17 November 2018 (UTC)[reply]
  • Oppose G13s and Speedy deletes at MFD seem to work just as well. JC7V (talk) 20:30, 17 November 2018 (UTC)[reply]
  • Oppose Drafts do not get the same watchers as articles, so it would mostly be a death sentence for negligent writers. MFD at least gets a central discussion. Graeme Bartlett (talk) 09:38, 18 November 2018 (UTC)[reply]
  • Comment MfD is not overrun NOT for lack of junk to MfD but for lack of dedicated volunteers willing to clean up the vast piles of junk. See Wikipedia:WikiProject_Abandoned_Drafts/Stale_drafts for a huge list of spam, webhost, attack pages etc, and even a few good topics. Legacypac (talk) 20:55, 18 November 2018 (UTC)[reply]
    • None of which is evidence that PROD for draft space or expanding speedy deletion to a subjective subset are anything like good ideas. Thryduulf (talk) 22:35, 18 November 2018 (UTC)[reply]
    • @Legacypac: I think a better proposal to help deal with that particular backlog would be to expand G13 (delete after six months with no edits) to pages with {{Userspace draft}}, which is a much more reasonable proposal than expanding PROD. The technical deletion of userspace pages for inactivity is a bit more controversial than deleting draftspace pages, but since there's a dedicated group going through stale userspace drafts looking for anything worth salvaging, it might be a bit more palatable. Perhaps offer a {{do not delete}} tag that could be placed by any editor interested in retaining it for whatever reason? Nathan2055talk - contribs 23:35, 18 November 2018 (UTC)[reply]
  • Oppose as per everyone above - The current process(es) works fine IMHO. –Davey2010Talk 23:22, 18 November 2018 (UTC)[reply]
  • Oppose there is no need for this and it will cause many, many, many, many more problems than it will solve. Jacona (talk) 02:37, 19 November 2018 (UTC)[reply]
We don't need to be using PRODs in draftspace.

Discussion of cross-referencing COMMONNAME and MOS

 – Pointer to relevant discussion elsewhere.

Please see: Wikipedia talk:Article titles#Clarifying that UCRN is not a style policy

Purpose: A proposal, which would not substantively change any policy in any way, to add a cross reference from WP:Article titles (AT) to WP:Manual of Style (MoS), specifically in WP:Article titles#Use commonly recognizable names (UCRN a.k.a. COMMONNAME). AT and the naming convention pages have numerous cross-references to MoS, but one is not present in this section, despite WP:Requested moves (RM) discussions most often being about style matters and determined by MoS (unless the base name is more seriously wrong for WP:CRITERIA policy reasons). Lack of such a cross-reference has led to a great deal of avoidable confusion and repetitive conflict.

Rationale summary: The purpose of the cross-reference is to help new editors understand our policies and guidelines relating to stylistic questions as they apply to article titles. Many editors incorrectly cite UCRN for matters not covered there but at MoS, and even do strange things like argue that MoS can't apply to titles, or that it's in conflict with AT, when of course we apply MoS to titles every single day, and parts of it are specifically about them. RM is the most frequent use of many MoS guidelines, including virtually everything in MOS:TM (trademarks). Our naming conventions guidelines that deal with style (WP:NCCAPS, etc.) are derived from and summarize the corresponding MoS guidelines. The only reason for any perceived rules conflict is lack of a cross-reference from one page to another. It's actually aberrant for us to lack one in this section.

Update: One actual policy change has been proposed in this thread, which would actually make AT become a style policy on a particular point. This is not part of the original cross-reference proposal. If you wish to support or oppose one proposal but not the other, please be clear as to which.
 — SMcCandlish ¢ 😼  11:50, 17 November 2018 (UTC)[reply]

RfC: Citation styles

Should Wikipedia:Citing sources have an explanatory guideline with a set of accepted citation/footnote styles, with the lists of allowed formats and structures to be decided by future RfCs? Jc86035 (talk) 18:12, 17 November 2018 (UTC)[reply]

Survey (RfC: Citation styles)

  • Tentative support. Allowing virtually any citation/footnote style to be used can be unnecessarily confusing for contributors, especially new users: while various citation formats are widely used in the English-language publications of many disciplines, and there is obviously good reason for different formats to be used in Wikipedia articles, obscure styles and little-used templates like {{ran}} can make it more difficult for contributors to add to the articles in which they are used. The lack of guidance has also resulted in a lack of consistency in reference group names, mostly for footnotes and primary sources ("note 1", "notes 1", "n 1", "‡ 1", "a", "A", ...). Jc86035 (talk) 18:12, 17 November 2018 (UTC)[reply]
  • Support as long as there is a documented mechanism to review adding additional styles as needed to the list. Ideally, certain more obscure formats should indicate which topic areas they should or should not be used on. --Masem (t) 18:26, 17 November 2018 (UTC)[reply]
  • Support, per Masem. If any style that is currently used in a topic area is being discussed for inclusion on the list then editors working in that topic area should be explicitly invited to take part in the discussion. Thryduulf (talk) 18:45, 17 November 2018 (UTC)[reply]
  • Support – there needs to be a centralized plan to learn how the different styles work, and to suggest not using odd variants. Dicklyon (talk) 18:49, 17 November 2018 (UTC)[reply]
Who determines whether a variant is “odd”? Blueboar (talk) 19:07, 17 November 2018 (UTC)[reply]
@Blueboar: per the opening post in the RfC, which styles are allowed, which are not allowed and which are allowed only in certain areas will be determined by consensus of future discussions. This RfC is only about establishing the framework so as to avoid objections to specific styles being on one or another list don't derail the whole lists (if there is a consensus for the lists) and/or to avoid wasting time discussing which should be where (if there is consensus against the lists). Thryduulf (talk) 20:52, 17 November 2018 (UTC)[reply]
  • This is a huge can of worms - while there is probably some benefit in reining in some of the more "unusual" citing standards, this has the potential to result in a lot of bad blood and pain if not handled perfectly. We have WP:CITEVAR for a reason. Nigel Ish (talk) 21:00, 17 November 2018 (UTC)[reply]
  • Support The standards should be stated and a move made towards the preferred style, and all those variants can be gradually converted to something that looks and works in a consistent way. Failure to use the styles is not necessarily a problem for the editor or article, but instead an opportunity to get it done in a better way. Certainly for FA standard there should be a preferred citation style to use. Graeme Bartlett (talk) 09:36, 18 November 2018 (UTC)[reply]
  • Questions:
  1. is this meant to require citations being added in specific formats? We've always accepted plain text or bare URLs as references, as long as enough information is provided to identify the source;
  2. is this meant to be a sitewide requirement policy, or just a best practice/manual of style? I.e. are we going to start trying to sanction editors who use a different citation format? Ivanvector (Talk/Edits) 19:04, 17 November 2018 (UTC)[reply]
My impression is that we "accept" almost anything, but that we also advise converting to a recommended and consistent style. We even have bots trying to do that for bare URLs for example. Style guidance points the way to go, but doesn't hit anyone over the head for not going that way. Dicklyon (talk) 19:10, 17 November 2018 (UTC)[reply]
My reading of how this is proposed is when we are talking an article at GA or FA. An article in progress is going to likely have a lot of variation in style, include bare URLs, which is fine - our citation approaches are highly complex and not easy to parse. But once you start talking quality, then a consistent style, and ideally one supported by consensus should be used. Certainly early on in an article's development, editors should be aware of what citation style to go for to minimize the pain of updating all the styles at the point of GA/FA. --Masem (t) 21:05, 17 November 2018 (UTC)[reply]
  • @Ivanvector, Masem, and Dicklyon: No, this probably shouldn't be a requirement – the actual policy change might be something like "please use these styles and formats; if an article doesn't use a listed style or a listed format then the article may be changed so that it does". I've changed the RfC question (it originally said "include a list of", which would have been inappropriate for a policy). Jc86035's alternate account (talk) 11:25, 18 November 2018 (UTC)[reply]
Much better. As per Dicklyon we need to accept poor references, particularly from newbie editors, and then seek to improve them. It doesn't take much effort to bring up a bare URL and generate a {{cite web}} or {{citation}} and the associated <ref>/</ref> or {{sfn}} reference. Martin of Sheffield (talk) 11:39, 18 November 2018 (UTC)[reply]
I guess I don't know what's proposed to change. It's already recommended (and best practice for featured content) to be consistent within an article. Is the proposal just for making a list of suggested citation styles? Ivanvector (Talk/Edits) 18:24, 18 November 2018 (UTC)[reply]
  • Strong Oppose. WP:CREEP. Violates the spirit and principle of WP:CITEVAR. I use non-code Chicago Manual of Style footnotes. Honestly, we are lucky if bare URLs get filled out at all, and editors who use ReFill don't even give the date or publication of the citation. There are a variety of stylebooks for citations, and even the more revered ones vary between themselves. There's no reason to force people to choose from a list of "allowed" styles. This is just going to lead to more trouble and edit-warring. We can certainly give examples/samples, but to enforce a list of "allowed" choices is just asking for trouble, and edit-wars galore. Softlavender (talk) 11:52, 18 November 2018 (UTC)
  • Even stronger oppose. We have over 2000 different citation templates, all of which are currently "approved", plus all the non-template hand-formatted citations. I would support it if we picked a single wiki-wide citation format and deprecated all others, as the short-term disruption of mass conversion would be justified by the long-term stability of an end to arguments over WP:CITEVAR and confusion about which style to use on any given article, but I can't see anything good coming of a proposal to allow whichever small handful of editors bothers to turn up to an RFC to unilaterally decide that some of those 2000 templates are "approved" and some aren't. (Aside from anything else, if there will still be more than one "approved" citation style, how do we decide to which of those we're going to convert all the articles using now-banned styles?) By causing the huge disruption of a mass-conversion, without the benefit of a unified citation style at the end of it, this is just going to cause a huge amount of bad feeling for no apparent benefit. And when I say "huge disruption", I mean it; the most commonly-used citation template, {{cite book}}, is used on approximately 1,000,000 articles, meaning that even if we settled on this as the standard going forward it would still mean 80% of articles would be non-compliant and need to have their references reformatted. ‑ Iridescent 12:10, 18 November 2018 (UTC)[reply]
    Most commonly used is actually {{Cite web}}, on 3 million pages. I think you're exaggerating the number of articles that don't use citation style 1 references - a lot of pages that don't use it have bare url references or simply don't have any. TBH I think we should settle things down to using CS1 for formatting references - it is the de facto standard and what visual editor and reftoolbar use - and a choice of citing references using <ref>...</ref> or using {{sfn}}; but the acrimony generated through doing that is probably more work than worth it. Galobtter (pingó mió) 13:43, 18 November 2018 (UTC)[reply]
    Also, Iridescent, vast majority of the "2000 citation templates" are just {{Cs1 wrapper}}s (or external links templates like {{Britannica}} and other things that are not really citation templates) - not a different style. Galobtter (pingó mió) 13:55, 18 November 2018 (UTC)[reply]
    I'd think it obvious that we're talking acceptable citation template families. There's probably a dozen plus variations of "cite web", but that's all one family. Same with CS1 references. --Masem (t) 05:46, 19 November 2018 (UTC)[reply]
  • Oppose per Softlavender. We are still not at a position where references are provided when they need to be. Laying down standards of reference formatting will exacerbate the situation as new editors will give up rather than jump through what they see as unnecessary hoops. Nthep (talk) 13:30, 18 November 2018 (UTC)[reply]
    99% of new editors if they are formatting references, use Citation Style 1 (which of course will be an allowed style); nobody is suggesting that new editors' edits should be rejected or that the first thing that new editors should be explained to is what citation style to use. Like with the MOS, it would be mainly experienced editors who fix edits to make them conform with the style. New editors are anyways explained how to/told to use {{cite web}} etc. Galobtter (pingó mió) 13:49, 18 November 2018 (UTC)
    New editors would continue to drop in bare URLs as they do now, most of them being unaware of or apathetic about any relevant guidelines. What we're debating is what happens if and when those are cleaned up. The effect on new users is thus zero. ―Mandruss  18:23, 18 November 2018 (UTC)[reply]
  • Oppose per Iri and SL. Ealdgyth - Talk 13:36, 18 November 2018 (UTC)[reply]
  • Support Getting rid of obscure styles to make it easier for new editors editing those pages and for consistency across Wikipedia. This really wouldn't affect the vast majority of edits, editors, or pages, but only the few thousand pages that use things like {{ran}} or in text parenthetical citing (which are IMO very reader unfriendly); at least initially, we can allow a broad range of styles with the exception of some obscure ones. The amount of articles that use things other than Help:CS1 and Help:CS2 and such is quite small. Galobtter (pingó mió) 14:25, 18 November 2018 (UTC)
  • Oppose - The purpose of a citation is to point the reader to a source which verifies our content. As long as a citation does this, it is acceptable. The style is irrelevant. Blueboar (talk) 15:24, 18 November 2018 (UTC)[reply]
  • Support wp:citing sources is a guideline not a policy so it doesn't force anything at all, those arguments don't make sense. Guidelines are routinely ignored if editors wish. The purpose of a guideline is to show best practice. A list of best practice citation styles is not only a good idea, why isn't it there already. -- GreenC 15:37, 18 November 2018 (UTC)[reply]
  • Strong oppose. A wide variety of citation styles is in use in the academic and publishing worlds, and we accommodate that here relatively peacefully. We have help pages on referencing for newcomers and these can be improved. But forcing an "approved list" of citation styles on Wikipedia seems like a recipe for creating conflict where there is little at the moment. I feel the proposed RfCs on which styles to "allow", with the goal of eliminating some editor's favorite ways of citing sources, would create an Infobox-like situation. StarryGrandma (talk) 16:36, 18 November 2018 (UTC)[reply]
    Comment. Adding or linking Wikipedia:Citing sources to a guideline clearly explaining the easiest ways to add references with the current state of our tools would be a good idea. (Visual Editor has improved considerably for example; one can now see the references in the reference list after entering them.) A single RfC could be held to decide which methods to recommend there. StarryGrandma (talk) 17:04, 18 November 2018 (UTC)
  • Oppose: The purpose of citations is to make it possible to verify content. Consistency within an article is much more important to that end, and also good for other reasons. Yes, we can speculate styles that are strictly speaking consistent but totally absurd (say, Bluebook in a non-legal article, in CamelCase, encoded with ROT13, and all the punctuation swapped for emojis) but I'd assume that good-faith editors don't do such a thing. As for obscure citation styles hindering the addition of content out of fear of messing up with the existing WP:CITEVAR (yes, merely a guideline as pointed above, but one with a super strong consensus and observance)? I'm not sure if I buy that argument. Editors are supposed to WP:BEBOLD and add content and let others iron out the wrinkles that they don't know how to fix. I see (and fix) articles with slightly inconsistent CITEVAR all the time precisely because editors have added content even if they didn't know all the intricacies of that article's citation style. On the contrary, I've never seen anyone actually complaining about not contributing content because they didn't know how a citation style works. – Finnusertop (talkcontribs) 17:53, 18 November 2018 (UTC)[reply]
  • I think this RFC might be the wrong question--I don't need to make an RFC to get permission to ask certain questions, I should just ask those questions. I would rather see us start to chip at the problem instead of a massive RFC to ask about giving carte blanche to deprecate or retain certain citation styles (and I'll throw "formats" in too). Why don't we figure out whether we should use vertical citations first? (And if we do, where we should, or could.) That seems like an easier question to answer. --Izno (talk) 18:58, 18 November 2018 (UTC)[reply]
    Sigh... We have had that discussion (over horizontal vs vertical) multiple times in the last few years... the result was consistently that both are acceptable. Blueboar (talk) 19:14, 18 November 2018 (UTC)[reply]
    Not really, and certainly not at that page. A handful of "format versus kind of citation" type discussions, but never anything which would give concrete guidance to "use vertical citations for everything" or "use only in WP:LDR" or "do not use within prose". I'm not looking for "can we use it?" only, I'm looking for "when?", and that's never been answered, though I think there's a common sense answer at this time that everyone probably would settle on and agree to add to the guideline if they would only discuss the point. --Izno (talk) 19:31, 18 November 2018 (UTC)[reply]
    Either way, that's just one example. There are other questions we could sensibly ask of the same sort that still bypass this overarching RFC that just don't need permission to be asked. --Izno (talk) 19:38, 18 November 2018 (UTC)[reply]
  • Support - It's quite possible for the community to establish a minimum set of citation styles that will suffice for most known cases. More freedom than that doesn't decrease edit-warring, it increases it. Most editors will respect a content guideline even if they disagree with it, for the sake of site-wide consistency. The project has established an arbitrary "Wikipedia way" for everything from article titles to order of article elements, I see relatively little edit-warring in those areas (except in edge cases not clearly addressed by the PAG), and there is little question that the encyclopedia has benefited from that consistency. Editors accustomed to using title case in titles and headings adapt to sentence case when editing Wikipedia, and so on, and this is not an excessive burden for members of the most adaptable species on the planet. This situation is no different.
    There are PAGs that are obsolescent, and many that are unnecessarily complex. If the community would put some ongoing effort into reduction and simplification of existing PAGs, WP:CREEP would be far less of an issue; we would simply trade bad PAGs for better PAGs. I support that. ―Mandruss  19:16, 18 November 2018 (UTC)[reply]
  • Oppose, per Nigel Ish. As he said, we have CITEVAR for a reason. SarahSV (talk) 22:05, 18 November 2018 (UTC)[reply]
  • Oppose per everyone above - If the source is adequate and does the job in verifying whatever that claim is then that's perfect in my books - The style is all but irrelevant. –Davey2010Talk 23:18, 18 November 2018 (UTC)[reply]
  • Oppose per Softlavender and Iridescent. Beyond the obvious WP:CITEVAR issue, implementing this would be a nightmare. There are literally thousands of different citation styles in common use around enwiki, just a list of them all would be a massive undertaking, let alone a brief guide for every single one. And, frankly, I'm just glad when an article has citations, even if they're just bare URLs. Nathan2055talk - contribs 08:14, 19 November 2018 (UTC)[reply]
  • @Izno: If anyone wants to close this RfC early for asking the wrong question I'm fine with that, although I'm not sure what should happen afterwards. Jc86035's alternate account (talk) 08:38, 19 November 2018 (UTC)[reply]
  • Oppose for now per WP:CREEP. I haven't seen a situation where this policy would be needed. --Jayron32 12:05, 19 November 2018 (UTC)[reply]
  • Question The proposal does not appear to me to be a change to policy, but a mere suggestion that preferred methods be presented. The !votes seem to be addressing something much stronger. Would this explanatory guideline require the use of particular formats? Would it prohibit the use of some formats? Jacona (talk) 15:35, 19 November 2018 (UTC)
  • Oppose - Solution looking for a problem. Beyond My Ken (talk) 19:54, 22 November 2018 (UTC)[reply]
  • Strong Oppose This will make editing Wikipedia much harder. —Eli355 (talkcontribs) 22:15, 22 November 2018 (UTC)[reply]
  • Oppose per WP:CREEP, and the eloquent arguments above.--Esprit15d • talkcontribs 23:57, 26 November 2018 (UTC)[reply]
  • Oppose per Iridescent; unless we're establishing one house reference style based on CS1 (possibly with the option for WP:HARVARD referencing) this is a lot of work and extra policy for no benefit. The exact details of MLA v. ASA formatted refs don't need to be established anywhere on-wiki; if somebody really cares they can check the official book. This also seems like a bad way to try to deprecate some of the 2000 ref templates; if that's your goal I'd advise a separate thread at WP:VPI. power~enwiki (π, ν) 05:22, 28 November 2018 (UTC)[reply]

Bans imposed as unblock conditions

Administrators often impose or suggest editing restrictions on blocked editors, either of their own accord or accepting suggestions from the editors themselves, as "conditions" to accepting an unblock request. We sometimes log these (see Wikipedia:Editing restrictions) as "voluntary" bans or as "unblock conditions" (or sometimes not at all). I think these sorts of unblock conditions are a good use of admin discretion, but I've realized recently that there does not actually seem to be any support for these sorts of ban in the banning policy. According to the policy (see #Authority to ban), bans may be imposed either by community consensus, or by admins acting under authority of the arbitration committee in designated topics (discretionary sanctions). They can also be imposed by Jimbo or the WMF but let's not get into that.

I propose that a bullet be added to this section, specifying that an administrator acting under their own authority may impose a relevant editing restriction (a ban) as a condition to a user being unblocked, if the administrator believes that such a sanction will prevent disruption related to that user's block. This would bring the banning policy in line with the blocking policy (see #Conditional unblock). Ivanvector (Talk/Edits) 19:00, 17 November 2018 (UTC)[reply]

Support if and only if the same "with the agreement of the blocked user" wording from WP:CONDUNBLOCK is included. Otherwise, you're giving individual admins the power to unilaterally decree what other editors may and may not do, which is a Really Bad Idea; except in the cases of the most blatant vandalism, it's rare to find any situation in which every admin will agree on what does and doesn't constitute disruption, so what you'd effectively be doing is giving a massive first-mover-advantage incentive for every self-appointed social engineer to impose their personal standards of what constitutes 'disruption' every time a ban appeal comes up. ‑ Iridescent 19:27, 17 November 2018 (UTC)
Just copy the appropriate text from CONDUNBLOCK, which is where this authority comes from. No need to reinvent the wheel. Also, agree with Iri on not giving individual admins the authority to ban without consent or ArbCom authorization. TonyBallioni (talk) 19:41, 17 November 2018 (UTC)[reply]
  • @Ian.thomson, I don't agree with "If they don't agree to the topic ban then they must not be interested in contributing to the encyclopedia in general but specifically engaging in whatever behavior got them blocked" in the slightest. If they don't agree to the topic ban, they may just feel that its scope is too broad or inappropriate, and may well feel that for good reason; I've seen some truly goofy topic ban proposals in my time, and having a single admin make the call rather than an AN/ANI discussion means the checks and balances of the rest of the community explaining why the proposed topic ban is unworkable won't be there. ‑ Iridescent 19:59, 17 November 2018 (UTC)
@Iridescent: Ok, what about the specification "if they don't agree to a perfectly reasonable topic-ban"...? Like, yeah, if someone is being disruptive at just (clicks random article) Paromitar Ek Din, a proposal to ban them from all articles relating to either India or movies would be extreme, but (depending on the kind of disruption) "movies by Aparna Sen" or "movies starring Rituparna Sengupta" or even just a topic ban relating to that one movie would probably be a good indication whether or not the user is too hyper-focused on that topic to want to be useful elsewhere. Ian.thomson (talk) 20:07, 17 November 2018 (UTC)[reply]
Sure, but it's fair to see their side as well, and if they have a reasonable objection to the topic ban we should treat it as such, even if we don't necessarily accept their proposed wording. To take a fictional but eminently plausible hypothetical, imagine editor Foo has spent most of their editing career writing about old cowboy movies, but then got sucked into Trumpian edit-wars and eventually got banned under WP:ARBAPDS. They appeal their ban, and the admin Bar agrees to unblock subject to a topic ban using the standard wording of "all pages related to post-1932 politics of the United States and closely related people, broadly construed". Editor Foo complains that they can't accept this, since this definition will include Ronald Reagan and Clint Eastwood, making it impossible to return to their favorite topic of cowboy movies even though their edits there were universally accepted as uncontroversial. In this case admin Bar's initial complaint is completely reasonable since it's using standard Arbcom-mandated wording, but there wouldn't be anything vexatious about editor Foo refusing to accept it. (This kind of thing used to come up all the damn time back when The Troubles was still a hot topic—since virtually every person of consequence in Northern Ireland was linked to the conflict in some way or another, topic bans had the de facto effect of banning editors from anything historical or biographical.) ‑ Iridescent 20:22, 17 November 2018 (UTC)
I can't recall a wording for it (other than WP:COMMONSENSE) but I've been given mixed messages as to whether pages that cover multiple topics are treated as divided territory or the worst possible topic. There's some city that's a sister city to Jerusalem. When an edit war broke out in that article over whether Jerusalem is in Israel or Palestine, I got fussed at for citing the Arbcom DS for the Palestinian/Israeli conflict, even though everyone (except a few WP:SPAs) agreed that locking the page was necessary to stop the edit war (though I still don't understand why I was the first to lock the Two-state solution article!). Still, I've also seen plenty of cases where someone got in trouble for editing a part unrelated to a DS of an article that was partly covered by a DS. If the topic ban is being implemented through this and not through discretionary sanctions and the editor has a proven history of improving cowboy movie articles (or whatever), the hypothetical admin should be willing to say "ok, you can still edit the parts of the Eastwood and Reagan articles from before they entered politics, except when they made political statements during their acting careers." (Looking at non-cowboy Arnold Schwarzenegger, acting careers after entering politics might be too much of a gray area, though, IMO). Ian.thomson (talk) 20:46, 17 November 2018 (UTC)
  • Support with Iridescent's qualifier per everything Iridescent has said in this discussion. Thryduulf (talk) 20:48, 17 November 2018 (UTC)[reply]
  • Oppose Too big a grant of authority to individual admins. Topic bans should require a community process. --Trovatore (talk) 20:56, 17 November 2018 (UTC)[reply]
  • What Iri and Tony said. ~ Amory (utc) 21:44, 17 November 2018 (UTC)[reply]
  • This is already policy, no harm cross referencing it at the banning policy as well. If the blocked editor is unwilling to accept the proposed unblock conditions, they have the option of waiting out their block (if not indefinite) or not agreeing, which will result in their appeal being declined, at which time they can request further review (whether indef or time-limited). Seraphimblade Talk to me 21:50, 17 November 2018 (UTC)[reply]
    • Indeed, unblock conditions can result from a negotiation of the details - e.g. tweaks to boundaries, clarifications, etc. (e.g. I recall one user suggesting a slightly different wording to avoid potential confusion between the plain English meaning of a word and the more specific meaning of that word as a term of art in the topic area concerned) and this is a Good Thing as restrictions both 'sides' are happy with are far more likely to be adhered to. Thryduulf (talk) 23:07, 18 November 2018 (UTC)[reply]
  • Support Iridescent's version, to ensure this does not get out of hand. — AfroThundr (u · t · c) 05:45, 19 November 2018 (UTC)[reply]
  • Good points everyone! I think we're all pretty much in agreement with Iridescent. One last sticking point is that bans are meant to be community sanctions, but in this situation we have a ban imposed by an agreement of two editors (the blocked user and the unblocking admin). In my view such a ban should still require a discussion at a community noticeboard to lift the ban, the same as with other bans enacted by the community. That's basically current practice anyway, I'm just thinking about how to update the banning policy to match. Is there any opposition to that? Ivanvector (Talk/Edits) 13:23, 19 November 2018 (UTC)[reply]
  • I'm thinking of adding a line item under "authority to ban" describing this situation, and in that case the appeal method is already in the policy. I guess the line item would need to specify that this sort of ban is to be considered a ban imposed by the community. Reviewing just now, maybe it's better for this to be a separate subsection (e.g. "unblock conditions") like how we have a "bans for repeated block evasion" section. As for time-limited bans, I don't think a distinction needs to be made. I personally don't do time-limited bans, the way I see it if there's consensus for someone to be banned then they need to actively convince the community to unban them in the future, but I do know that time-definite bans are a thing we do. Ivanvector (Talk/Edits) 13:52, 19 November 2018 (UTC)[reply]
  • Support Iridescent's but not community ban lifting - I disagree in thinking that a community agreement should be required to remove the conditional partial bans. If nothing else, it makes no logical sense because of the existence of time-limited bans (as they'd be removed without any involvement of the community along the way so there's no fundamental community link to the bans). I would say the individual is entitled to appeal to either the admin or the community to remove an indef T-ban (et al) but that's their choice. I suppose any admin doing this could say "indef requiring community removal" but that would seem a bit iffy. Nosebagbear (talk) 19:22, 20 November 2018 (UTC)[reply]

Proposal on overly long entries in lists

 – Pointer to relevant discussion elsewhere.

Please see: Wikipedia talk:Manual of Style/Lists#Overly long list items

Gist: Add brief advice about what to do about excessively large items in lists, to either WP:Manual of Style/Lists or WP:Summary style.  — SMcCandlish ¢ 😼  23:25, 20 November 2018 (UTC)[reply]

Proposal to tighten administrator inactivity procedure

Yeah, I know, WP:PERENNIAL. But after yet another compromised inactive admin account ran amok over the project today, I feel like this should be revisited. The account in question did not have a logged action in over 2 years, and had made only 5 edits in 2017 and one in 2018. The policy as currently worded reads:

Administrators who have made neither edits nor administrative actions for at least 12 months may be desysopped.[1] Subject to the lengthy inactivity consideration below, this desysopping is not to be considered permanent, or a reflection on the user's use of, or rights to, the admin tools. The admin must be contacted on their user talk page and via e-mail (if possible) one month before the request for desysopping and again several days before the desysopping goes into effect. Desysopping on inactivity grounds should be handled by English Wikipedia bureaucrats. The summary in the user rights log should make it clear that the desysopping is purely procedural.

I propose modifying this to:

Administrators who have made no logged administrative actions for at least 12 months may be desysopped.[2] Subject to the lengthy inactivity consideration below, this desysopping is not to be considered permanent, or a reflection on the user's use of, or rights to, the admin tools. Desysopping on inactivity grounds should be handled by English Wikipedia bureaucrats. The summary in the user rights log should make it clear that the desysopping is purely procedural.

The change removes the notification requirement, and the "edits" criterion. The effect is that admin accounts which don't use admin tools for 12 months will simply have the bit silently removed as a matter of security. We won't tell them we're about to do it, and then they won't log in and make one nonsense edit to hang on to the bit. Removal will just happen when they've been away long enough, and if they come back some time later and want to go back to adminning they just ask at BN and go through the 24-hour hold like anyone else whose bit has been voluntarily removed. In fact admins should be actively discouraged from "holding on to the bit" in this manner, but let's at least do this. Ivanvector (Talk/Edits) 17:51, 22 November 2018 (UTC)[reply]

Survey/discussion

  • Support Given the length of time the inactivity policy has been around for now, I think it's reasonable to assume every active admin has heard of it, and nobody will be surprised if their rights expire, so provided this gets enough publicity in the right places, we should just do it. Also, as I just said on another thread, I think it would also be helpful to make two factor authentication mandatory for all admins, and desysop those who do not turn it on. It would stop this kind of disruption. Ritchie333 (talk) (cont) 18:09, 22 November 2018 (UTC)[reply]
I agree with the idea of desysopping (or at least warning) people for not using 2FA, but there would have to be some kind of cool-down period. Earlier this month, I had to get my phone replaced, meaning I went a day or so without 2FA. It simply wouldn't have been efficient to remove the bit for only 24 hours (especially because I was still active). Perhaps existing admins should get a month or two to set it up, all new admins get one week post RFA closure, and all admins that need to temporarily disable it also get a week. Anarchyte (talk | work) 23:12, 22 November 2018 (UTC)
I strongly disagree with any forced 2FA idea. Forcing editors to have a certain device in order to be admins runs contrary to our most basic principles. There is no rational reason to preclude people unwilling or unable to use such additional devices from being admins. Especially since 2FA is still a hassle as Anarchyte points out and any problem with the device might render an admin incapable of editing at all. Plus, how many active admin accounts have been compromised? Regards SoWhy 11:58, 23 November 2018 (UTC)[reply]
I also strongly oppose mandatory 2FA. Benjamin (talk) 01:12, 25 November 2018 (UTC)[reply]
Good point. RfC banner added, and I'll advertise on CENT as soon as I figure out how that works. Ivanvector (Talk/Edits) 19:09, 22 November 2018 (UTC)[reply]
  • Strong support This should be done to any account with advanced permissions, such as rollbackers and reviewers, not just admins. funplussmart (talk) 19:05, 22 November 2018 (UTC)[reply]
  • I suggest that this proposal should also modify the lengthy inactivity section to clarify that the clock for the three years of uninterrupted inactivity always starts with the last edit, and not with the last administrative action. isaacl (talk) 19:05, 22 November 2018 (UTC)[reply]
  • Support the original proposal per the nominator, oppose making 2FA mandatory. I'm presently unable to use it as my only compatible second device is away being repaired (due to an obese battery). There is also insufficient capacity at the WMF to handle users who have problems with it. Thryduulf (talk) 19:31, 22 November 2018 (UTC)[reply]
  • Oppose if you're going to get rid of the edit requirement then you need to have some sort of protection for admins who perform non-logged actions. We've had admins who only take part in admin actions that don't generate logs, such as editing the various bits of the main page. Such an admin would be desysopped even though they're still performing admin actions. Yes, they could ask for the admin tools back, but I don't see why they should have to every month just because of a badly drafted policy. Strictly this would also allow new admins and recently resysopped admins to be desysopped as well. Hut 8.5 21:01, 22 November 2018 (UTC)[reply]
    • I imagine the bureaucrats would just skip that admin each month, knowing that they are performing non-logged administrative actions. As long as the number of these are low, it should be manageable. isaacl (talk) 22:47, 22 November 2018 (UTC)
      • They might skip them, they might not. There would be no policy basis for doing so and bureaucrats tend to be keen on sticking to procedure. The more of these admins there are the harder it is to justify not desysopping them. The whole issue could be avoided by striking one word from the proposed policy change. Hut 8.5 20:37, 23 November 2018 (UTC)[reply]
        • @Hut 8.5: I have no problem with that personally, but then we're asking the 'crats to take on the non-trivial work of judging which admins are active. There's a proposal below to implement a log for editprotected actions, so that editing a protected page will be a logged action and count toward activity with this wording. And viewdelete has come up but as I understand how filters work just looking at a deleted page is not something that can be logged, but so far a theoretical admin who only uses viewdelete is an extreme edge case. Ivanvector (Talk/Edits) 20:55, 23 November 2018 (UTC)[reply]
        • Sure, I don't have an issue with removing the word "logged" from the proposed text. "may be desysopped" leaves the door open for judgment, but I agree that there isn't a need to limit the range of applicable administrative actions. isaacl (talk) 21:00, 23 November 2018 (UTC)[reply]
          • I'd be happy to support this if the activity requirement was defined in terms of admin actions, where an admin action is something which can only be done by an admin and which shows up in your contribution history somewhere. That would include editing fully protected pages, closing discussions which have to be closed by admins, imposing discretionary sanctions and probably a few other things. I agree viewing deleted pages isn't enough and we can't verify it anyway. "Logged action" will be interpreted as something which shows up in Special:Log, which is more restrictive. Hut 8.5 21:42, 23 November 2018 (UTC)[reply]
    That's the intent, really: by "logged action" I mean "some action that requires admin permissions". Up until very recently (see below) I was under the impression all admin actions were logged in one way or another. Logging everything admins do is good for accountability, and also has this side benefit of being an indicator (by absence of log entries) of which admins are not actively adminning, and so I went with "logged action" for the policy wording. But it's just as well if it's wording meaning "any administrative action" as long as we have an unchallengeable definition (i.e. editing a protected page is, closing an RfC is not; it's something non-admins cannot do, not just something they shouldn't) and some way to measure it (i.e. logging, or maybe a bot to do the check, or calling on the 'crats to do it). Ivanvector (Talk/Edits) 22:06, 23 November 2018 (UTC)[reply]
  • Interface admin allows people to edit interface pages, not ordinary full-protected pages. Furthermore interface admins can do a lot more damage than admins and you have to be an admin to be an interface admin. Hut 8.5 22:04, 22 November 2018 (UTC)[reply]
  • Support, and Support 2-factor authentication as well. I'd prefer 6 months, but as some admins seem to think 12 months means one month, that would only confuse them. DuncanHill (talk) 21:05, 22 November 2018 (UTC)[reply]
  • Strong Support. As Wikipedia's reputation and popularity continue to grow, it's imperative that we take security/user access controls more seriously. -FASTILY 21:51, 22 November 2018 (UTC)[reply]
  • I support this too. Taking out the notifying part is a good idea. BTW Esanchez7587 should have lost the bit a year ago. Drmies (talk) 21:57, 22 November 2018 (UTC)[reply]
  • Oppose The Administrators are still using their account. —Eli355 (talkcontribs) 22:19, 22 November 2018 (UTC)[reply]
  • Support - We're not in 2006 anymore neither is this small fairly unknown website, We're currently the 5th visited website in the world and as such in this day and age this really shouldn't be happening, But compromises can and do happen everywhere so we're not always going to be tiptop in that respect, Anyway I support the modification/update. –Davey2010Talk 23:02, 22 November 2018 (UTC)[reply]
  • Support it’s not that difficult to make the trip to CAT:EX or CAT:G7 so the inevitable “people will make dumb actions just to keep the bit” thing falls flat. Oppose anything about mandatory 2FA. I use it, but we would lose several functionaries if we required it not to mention countless admins. TonyBallioni (talk) 23:07, 22 November 2018 (UTC)
  • Support - Not sure how long it should be, but the constant gaming by inactive−but technically active−admins is counterproductive. Anarchyte (talk | work) 23:12, 22 November 2018 (UTC)[reply]
  • Oppose. We want inactive admins to resume helping if and when they want to; there are life reasons someone may step away from the project, and not all will be willing to run the RfA gauntlet again as Opabinia regalis was. We don't want to encourage someone disaffected with the project but unwilling to surrender their tools to delete something or block someone just to keep them, even if it's an unquestioning response to a noticeboard request. Admins who do things like editing fully protected pages (not only DYK, but ERRORS comes to mind) are as useful as those who specialize in deleting and/or blocking, but the former don't appear in the easy to check log. (Nor does checking deleted contributions in evaluating how to speak to an editor, for that matter.) On the other hand I got lots of log entries for moving my own drafts to main space "without leaving a redirect". It's not a fair metric of admin activity. Desysopping for inactivity is also not an efficient way to protect against admin abuse: I recall one case where an admin ran wild including posting a philosophical musing to the Main Page. Emergency desysopping is the best strategy and less likely to lose us useful admins. And we already have that. I also recall seeing something about functionaries periodically testing admins' passwords for strength, but given other cases I recall, I doubt that's been being done. That would help (and would encourage those who don't have serious problems with two-factor authentication to take the step to get out of the resulting demands they change their single password). Also, admins are expected to have e-mail turned on; has any thought been given to bureaucrats' e-mailing those who don't appear to be using their tools, asking whether they would consider handing them in voluntarily? Yngvadottir (talk) 23:17, 22 November 2018 (UTC)[reply]
  • I would prefer to increase the requirement on what constitutes as "active". An editor who has six edits over two years should not be considered active enough to keep the tools. Mkdw talk 23:35, 22 November 2018 (UTC)[reply]
  • Support Use it or lose it. The current requirement of needing a single edit in a calendar year is routinely gamed and far too low of a bar for retaining advanced permissions that can cause wide-spread disruption. Having read through previous related discussions I have never seen anyone present a compelling argument against implementing more stringent requirements.-- Jezebel's Ponyobons mots 23:43, 22 November 2018 (UTC)[reply]
  • Support We have nearly 80 admins who have edited in the last 12 months but haven't performed a logged admin action for over five years (in a few cases, ten). All of those, unless they're performing a large amount of non-logged actions - which I doubt - need to lose the bit. There's even a few there who have never passed an RfA .... Black Kite (talk) 23:59, 22 November 2018 (UTC)[reply]
  • Support per nom and above supports. ZettaComposer (talk) 00:53, 23 November 2018 (UTC)[reply]
  • Support this system is easier to implement, prevents gaming, and has good rationale as per nom. --Tom (LT) (talk) 01:08, 23 November 2018 (UTC)[reply]
  • I don't like the idea of -288 admins and -4 crats. I do like the idea of 2fa being mandatory. SQLQuery me! 02:34, 23 November 2018 (UTC)[reply]
  • Support. Removing privileges from admins who don't engage in any admin activity is a "paper loss", but a compromised account with privileges causes real harm. The standard proposed is still conservative and easy to meet. By comparison, some other WMF projects have requirements for admin actions every 6 months. (See meta:Admin activity review/Local inactivity policies for more information on other projects' policies.) --RL0919 (talk) 02:44, 23 November 2018 (UTC)[reply]
  • Support. Re-requesting the bit if it's been removed is no big deal; compromised admin accounts meanwhile pose a much larger issue to the project. Home Lander (talk) 04:18, 23 November 2018 (UTC)[reply]
  • Oppose. First off - This is very premature. Difficult cases make bad law; it's always a bad idea to respond to an event by immediately trying to create a policy that will prevent its recurrence. There has not yet been an analysis of what was going on here. We don't actually know if this is a compromised account; really, what we have is an admin account that acted in an unacceptable manner. Conclusions have been leapt to, and they have not yet been proven. Second - there's no evidence that this change will prevent future similar episodes. The vast majority of administrator accounts that required their privileges to be yanked were those of administrators who would easily have met these more stringent standards, let alone the current ones. Come back in a month, with greater research and good evidence that the proposal will likely prevent rogue administrator actions, and then we can talk. Risker (talk) 04:40, 23 November 2018 (UTC)[reply]
    We do know that the account was compromised (related phab task) but otherwise agreed that knee-jerk reactions aren't the way forward here. -- Ajraddatz (talk) 05:14, 23 November 2018 (UTC)[reply]
(Unfortunately the task is not visible to the public.) — regards, Revi 05:17, 23 November 2018 (UTC)[reply]
What we do know is that the same person has compromised (or at the very minimum, abused) 16 other accounts.[6] Personally I've no doubt about it. -- zzuuzz (talk) 07:20, 23 November 2018 (UTC)[reply]
Well, since Ivanvector below has indicated that this proposal isn't really about the recent admin account hackings, and it seems to now be understood that this wouldn't prevent hacking in the first place, I'd be willing to consider an increase in the activity levels of admin accounts. However, I do see lots of useful admin activities that are not logged. If there is to be a change in threshold for de-adminning, I'd go with any combination of X number of edits and Y number of logged admin actions within the previous 12 months, where the total of X+Y equalled some specified number; for example, there must be a minimum of 10 actions (either edits or logged admin actions) within the past year. I strongly believe, however, that the notification of a user that they are on the verge of losing their admin tools is absolutely mandatory; I actually don't understand why anyone would think it was okay not to do so. And it seems there is an agreement that 2FA is off the table too, which is a good thing, since it's really out of the control of a single project. Risker (talk) 02:25, 24 November 2018 (UTC)[reply]
It is about the recent hackings, but not meant to be a solution to that problem, just mitigating risk. If the idle hacked accounts had not had admin access then probably the hack would have just taken another form, the vandal has also been hacking accounts that only have rollback permissions. As for the notification requirement, my rationale for changing it is that in the policy's current form we let admins be entirely idle for an entire year, then we tell them to make one single edit if they want to hang on to the bit for another entire year, and in my view that entirely defeats the purpose of suspending the rights of inactive accounts. We might as well just not have this policy at all. If we alter the activity requirements instead, that could be an alternative to this proposal, but given that so many have already commented here on the original I think it would be a good idea to break that out into another subsection. Ivanvector (Talk/Edits) 14:58, 24 November 2018 (UTC)[reply]
Well, since it *is* about the recent hackings after all - and given the fact that as I write this I am currently investigating the most recent compromised admin account (of an administrator who is highly active)....this entire discussion is moot. This isn't going to stop the vandal involved, and I don't think it reduces risk whatsoever. Risker (talk) 20:33, 24 November 2018 (UTC)[reply]
  • Oppose Having to ask for my bit back every month because I only edit protected pages is not an ideal scenario. Stephen 05:08, 23 November 2018 (UTC)[reply]
  • Oppose - As a semi-active admin (but not one who would currently be desysopped under this proposal), I can't support this. I don't believe that the risk of rogue admin actions outweighs the harm to the project that would be caused by driving away semi-active admins who have put in a lot of time and edits, even if real life is preventing them from logging admin actions right now. In addition, desysopping without even a notification is cruel. -Danaman5 (talk) 05:39, 23 November 2018 (UTC)[reply]
"Cruel"? I had my admin rights on Monochrome BBS removed without asking sometime around 2002 (I couldn't even pinpoint the year, which is kind of the point) because of inactivity. All I said was "it's a fair cop". Ritchie333 (talk) (cont) 12:05, 23 November 2018 (UTC)[reply]
  • Support Not really about security, because I feel that's a non-issue overall. But I have long thought this policy needed tightening up to stop people "playing the game". I would change it slightly though, to remove the word logged, so removals should be based on any edit or log which required admin status. Aiken D 06:37, 23 November 2018 (UTC)[reply]
  • Oppose I was going to say what Risker said, but she already said it, so I can just say "what Risker said" ;) We can't just stop informing people of changes that concern them because we don't want them to actually act on that information. Adding to that, I always have a negative reaction to the tone of some of the comments in admin-activity discussions - there's always a lot of snippy posts about "gaming the system" and "hat collecting" and whatnot. Every time I point out that that was me at one point, I almost certainly would have done the "log in and make an edit or three" thing if I'd seen the messages while I wasn't active, and it would have been entirely due to thinking "oh yeah, it's been awhile, I should get back into that when I get some spare time" and then not following up due to, well, lack of spare time. And based on that the same stuff gets posted every time, it seems that pointing out that there's a perfectly reasonable good-faith thought process behind this behavior has exactly zero demonstrable impact on people's willingness to make kind of mean-spirited assumptions. That's not a reason to oppose on its own but it's a weird and off-putting pattern. *shakes fist at cloud* Opabinia regalis (talk) 07:10, 23 November 2018 (UTC)[reply]
  • Question: What's the escalation plan for two years or so from now, when the new moral panic is about admins who create and then speedy a page in their userspace once a year? —Cryptic 08:25, 23 November 2018 (UTC)[reply]
  • Support By definition, by not editing/doing an admin log in 12 months means they are not an admin! Lugnuts Fire Walk with Me 08:54, 23 November 2018 (UTC)[reply]
  • Oppose, far too many "things only admins can do" don't appear in the logs. We need more admins not less. Fish+Karate 09:25, 23 November 2018 (UTC)[reply]
    And I will note this RFC has not been written neutrally. "Yet another admin account" implies this happens frequently; per Wikipedia:Former_administrators/reason/compromised, the accounts of Denelson83 and Esanchez7587 have both been compromised this year, but the last one prior to these two was in 2012. Nine compromised admin accounts in 12 years is not frequent. "Ran amok over the project" - they made zero edits and 12 administrative actions, 10 of which were blocks, all of which were undone within 33 minutes. Emotive language doesn't help anyone. Fish+Karate 09:44, 23 November 2018 (UTC)[reply]
    In 2016 quite a few admin accounts were hacked by OurMine (see [7]) and they're not listed there in former administrators because they recovered their accounts (see e.g. this for locking and unlocking) Galobtter (pingó mió) 10:03, 23 November 2018 (UTC)
    And in 2015, a few accounts were compromised by an attack elsewhere, including two admin accounts. I can agree with the wording being a little iffy, though it's a little more understandable after these are factored in. Anarchyte (talk | work) 10:11, 23 November 2018 (UTC)[reply]
    Thanks both, I was not aware of these. This takes it to 14/15 or so admin accounts in 12 years, unless there's others still unlisted, which still doesn't strike me as a regular occurrence to the point 2FA has to be imposed on everyone. Fish+Karate 10:52, 23 November 2018 (UTC)[reply]
The reason they didn't appear to "run amok" after indef-blocking two long-standing users who tried to stop them is that a bunch of people scrambled around to get the issue fixed ASAP. As Anarchyte has mentioned, the page above does not document the incident where Salvidrim and OhiaUnited were compromised, or when Jimbo Wales' account was cracked and ran amok, for example. We need a full set of figures to be able to look at the facts correctly. Ritchie333 (talk) (cont) 10:20, 23 November 2018 (UTC)
These stats also don't count the several steward and functionary accounts that were also hacked recently, which could have caused serious actual harm (but AFAIK didn't). Not that this proposal would do much for those levels of permissions, I'm just saying this is quite far from an isolated incident. Ivanvector (Talk/Edits) 13:11, 23 November 2018 (UTC)[reply]
  • Support- regardless this latest trigger issue. Not one iota of valid argument in any of the opposes so far. Leaky Caldron 10:15, 23 November 2018 (UTC)[reply]
  • Support Everyone can edit, but only admins can make admin actions. Thus their level of activity should be judged by the amount of admin actions they make. I fully understand that some of these actions are not logged, but I don't view this as a reason to oppose. talk to !dave 11:15, 23 November 2018 (UTC)[reply]
  • Conditional Support on the basis that an edit filter like the one Xaosflux proposes here (or some other solution) is adopted, so that all major onwiki admin actions are logged. IffyChat -- 11:37, 23 November 2018 (UTC)[reply]
    @Iffy: These could be logged for bot review (see example on testwiki). — xaosflux Talk 14:45, 23 November 2018 (UTC)
  • Support protection of the project clearly outweighs putting a legacy admin to the trouble of requesting their tools back occasionally. ——SerialNumber54129 11:48, 23 November 2018 (UTC)[reply]
  • Oppose I wish people were pouring effort and creativity into keeping the editors and admins we have. Rogue accounts are easily dealt with. Making people go through any kind of hoop at the end of inactivity is an unhelpful additional barrier to their return. --Dweller (talk) Become old fashioned! 12:25, 23 November 2018 (UTC)[reply]
  • I'm all for increasing the activity requirement for security purposes. At the moment it's anything greater than 0 activity. I'm not sure that greater than 0 admin activity is the right way to go - I'd be more keen to look for say, 50 edits per year. It will stop those who keep dormant accounts alive by making a single edit, yet should be easy to reach even at 5 edits per month, which is our definition of "active". Perhaps have 50 edits per year or 1 admin action per year? Regarding mandatory 2FA, I oppose, largely per Risker's diversity concerns. WormTT(talk) 12:28, 23 November 2018 (UTC)
  • Oppose. (Disclaimer; this provision would have caught me out on multiple occasions.) The whole "reduce the potential for compromise" thing, I'm assuming is a complete red herring, unless anyone can provide any actual data to indicate that "admins who have edited within the past 12 months but haven't performed a logged admin action in that period"—the only group which would be affected by this proposal—are at any more risk of compromise than any other account. I'm a strong opponent of the current setup which allows legacy admins from the early days of Wikipedia to periodically emerge and start trying to enforce the standards of a decade ago, and would support some kind of periodic reconfirmation, but I don't see how this proposal would address either the security or the legacy admin issues. (What's to stop either a compromised account, or an incompetent legacy admin, from heading over to WP:BN and asking for the sysop bit back?) In all honesty, whatever the good intent of the proposers it looks more to me like an attempt to cull the number of admins via the back door. ‑ Iridescent 12:32, 23 November 2018 (UTC)[reply]
I don't particularly disagree with anything you've said here, but let me try and clarify my view on this. As I vaguely mentioned above, the inactivity standards here seem to be far higher than anything else I've personally witnessed - I've been the equivalent of desysopped for inactivity elsewhere without complaint (but perhaps I'm just the sort of person who shrugs shoulders and moves on) and when I was a regular on Monochrome BBS in the 1990s, policy was that if you didn't use any account (ie: basic user privs) for three months, it was deleted. Is that a good or bad thing, or just different? Secondly, I do think "culling the number of admins via the back door" is a fair point, and I think part of that is due to the dissatisfaction over "legacy admins" because it's too hard to pass RfA these days. Indeed, one of the reasons I went looking for admin candidates over the past 12 months was simply to try and dilute some of that, so that we had a fresh corpus of new admins bringing new ideas into the place, rather than having to rely on people with a grandfather clause. As for what else can do about that, I don't know. Ritchie333 (talk) (cont) 12:49, 23 November 2018 (UTC)[reply]
  • I'm in a weird place here — In a vacuum I don't dislike the proposal, but a few of my "always agree with" editors have opposed, so per usual I'm in agreement with them. I like the policy change, if only because it will increase the churn and make it clear that +sysop isn't that big of a deal. I'm not concerned about unlogged sysop actions (although regardless of this the edit filter may be a good idea) because it should be easy to head over to BN and say "Yo, still sysoping here" and get the required bit back. That does, however, belie my real issue with this, which is that it doesn't solve the problem of compromised accounts. A user who is occasionally editing without any logged actions is no less likely to be compromised as they are indeed still using the account. I can support more stringent activity requirements, but I can't support this on the grounds of trying to solve compromised sysop accounts. Put more succinctly by Eli355, [t]he Administrators are still using their account. ~ Amory (utc) 13:18, 23 November 2018 (UTC)[reply]
  • Only if DYK/Protected Logged - we frequently see DYK as a primary reason for suffering going through RfA, and protected edits must also count. I am in favour of this but at a minimum we need DYK logged and probably any protected edit tagged. Nosebagbear (talk) 13:49, 23 November 2018 (UTC)[reply]
  • While I don't want to be one of those "old" admins coming out of the woodwork to reflexively oppose, I think I'm going to oppose. De-adminning for inactivity makes sense to me - if you don't log in for a long time, you may not know what's going on, and you may not be paying enough attention to your account to be sure it's secure. I could support reducing the window of inactivity in the project at all, but I'm not convinced that de-adminning for disuse is the right way to go. What the project needs isn't fewer admins - it's fewer inactive admins. So rather than quietly taking about the tool, why not nudge people to use them more? Something like a bot message that says "you have not made a logged admin action in the last 6 months. Here are some clean-up tasks you could help with". Maybe after a year, up it to "you haven't made a logged admin action in the last 12 months. Please drop by BN to confirm that you still want the tools". Sure, some people are going to make some logged actions just to hold onto the tools, but for every one of those, there would probably be 10 or 20 people who would say "you're right, let me help out a bit". At the very least, I think we should try to nudge people into activity instead. See if that works, before we go ahead with a proposal that, let's be honest, assumes bad faith on the part of inactive admins. Guettarda (talk) 14:17, 23 November 2018 (UTC)[reply]
  • To be honest I'm surprised that so many editors are commenting here that this RfC is an attack on inactive admins. It's not, not at all, and I'm a little bit offended that it's being interpreted that way. It's purely patching a security vulnerability. Think of it like the front door of your house (apartment, dwelling, whatever). You have some friends over, you have a good time, eat some food, drink some beers, play some games, whatever. Then everyone goes home, and you close the door. You're still friends (presumably), they're still welcome in your home, but you don't just leave the front door open for when they come back (or you don't in this climate anyway). When they do come back, you look out your window or peephole or whatever, confirm it's your friend knocking on the door, then you welcome them back, eat some beers, drink some food, whatever it is you do for fun. That's all that this is. If an admin has been away for a while, they're still an admin, we just take their mop and hang it back in the closet while they're not using it. It's their mop, and when they ask for it back we gladly hand it back over, and then a bunch of people drop by WP:BN and leave notes like "hey welcome back! we missed you!" It's not a back-door desysop at all.
As for solving compromised admin accounts, of course this doesn't, it doesn't even really try to. As long as we have admins we're going to have hackers trying to crack admin accounts; some of them are inevitably going to be successful, and that is not the admin's fault. All this does is cut down on the number of doors left open to Wikipedia's house. And sorry for the crude analogy. Ivanvector (Talk/Edits) 15:29, 23 November 2018 (UTC)[reply]
  • Comment I am not an admin so maybe there is something I am missing, but how does this help security. Is there any difference in using your account to make admin actions or edits in terms of judging activity and the likelihood of an account to be compromised. Using Ivan's open door comparison, you are just as likely to open your door to a friend who has come over for an informal chat as you are to your same friend who comes on some formal visit. They have still visited, even if it is only once a year. If it really is necessary to tighten security via counting actions I feel it would be better to shorten the time of inactivity or increase the minimum number of edits per year. AIRcorn (talk) 17:34, 23 November 2018 (UTC)
    I think the main goal is to reduce the attack vector; less admins means less accounts vulnerable to be compromised, and accounts largely inactive are likely that of users who may not be around to get the reminders and improve their passwords (noting another admin just got compromised..last admin action in 2014) Galobtter (pingó mió) 19:45, 23 November 2018 (UTC)[reply]
  • Support, seems like a sensible reform. GABgab 18:20, 23 November 2018 (UTC)[reply]
  • Oppose the change per Risker and Iridescent. Particularly with the attempt to backdoor force 2FA for admins. ♠PMC(talk) 19:55, 23 November 2018 (UTC)[reply]
Oh, hey, just back from another cleanup from another compromised admin account. There is no "attempt to backdoor force 2FA for admins" going on here. I don't know how to more clearly or bluntly state that 2FA enforcement is not going to happen. If it does it will come from the WMF and we'll have no say in the matter. It's just not part of this proposal at all. Ivanvector (Talk/Edits) 20:19, 23 November 2018 (UTC)[reply]
@Ivanvector, the very first comment in the thread is make two factor authentication mandatory for all admins, and desysop those who do not turn it on. You can legitimately say that you don't agree with the attempt, but don't try to claim the attempt isn't being made. ‑ Iridescent 12:55, 24 November 2018 (UTC)[reply]
There is always some background minority push to do some thing that is widely not supported or technologically impossible. Mandatory 2FA for admins is one of those rare things which is both not widely supported and difficult technologically to implement (WMF's implementation, not necessarily 2FA in general, see Risker's comments among others). I view the attempts to wedge mandatory 2FA into this completely unrelated proposal as hijacking the thread, and I wager I am more angry about it than you are. Ivanvector (Talk/Edits) 14:13, 24 November 2018 (UTC)[reply]
  • Oppose - Some form of removal notification is due, and it is possible to use the tools for the benefit of the community without logging any administrative action (e.g. viewing deleted page history). — Godsy (TALKCONT) 20:08, 23 November 2018 (UTC)[reply]
  • Support If you are not using the tools, you will not miss them. If you do want to use them, all you have to do is ask for them back. It's a small hoop to jump through for the sake of fewer sysop account with the potential to be compromised. The benefits to the project outweigh the inconvenience to any very infrequently active admins that this would affect. Natureium (talk) 20:27, 23 November 2018 (UTC)[reply]
  • Comment - We've had another cracked admin account this evening, no logged activities for four years, vandalised the main page, deleted today's featured article and indeffed a bunch of admins. Does this influence anyone's opinion? Ritchie333 (talk) (cont) 20:33, 23 November 2018 (UTC)[reply]
  • Support The base proposal without requiring 2FA. It should remain a strong recommendation though. Also support "logged actions" being extended to use of editprotect and tracked via the edit filter mentioned above. — AfroThundr (u · t · c) 20:49, 23 November 2018 (UTC)[reply]
  • Support The time for pearl clutching is OVER. 2 compromised accounts in a few days is unacceptable. Furthermore it will make the Mop Holder "Put up or Shut Up". Either they do have a need for the admin toolset (or can relatively easily get it back) or they don't need the tools any more. I agree with the provisos regarding certain unlogged items that should count as activity (though why we couldn't get those logged as admin activities is another question). I note that previous attempts to get admins to maintain secure passwords (or 2FA) were turned down as beyond scope, however the outbreak of compromised administrator accounts requires us to exercise the more painful choice. Hasteur (talk) 22:27, 23 November 2018 (UTC)
  • Support Long overdue. The counterargument that not all admin actions are logged, while technically true, is a red herring. If you are only using adminship as a status and to peek at deleted material, you aren't doing an admin work. With two inactive accounts compromised in as many days it should be abundantly clear that this is needed. The policy will still be quite lax. Beeblebrox (talk) 23:46, 23 November 2018 (UTC)[reply]
  • Support - There are too many Admins gaming the system by making one edit a year to keep hold of their Admin bit when notified, and not making one Admin action for several years. It is about time we use common sense and stop this charade. JMHamo (talk) 00:23, 24 November 2018 (UTC)[reply]
  • Oppose When I first started reading I was intending to support. However, after reading some comments above, specifically Cryptic's about there still being a very easy loophole to keep the tools. The only counter to that is not telling admins that their tools are about to be yanked might work the first time, but, after that it won't be difficult to add a yearly reminder to create then speedy delete a userspace page. This would be especially easy to circumvent if edits to protected pages count as admin actions for this proposal, as one edit per year is still all that's required, it'd just need to be to a protected page instead of any page. Perhaps it might be better to increase the number of edits and/or logged actions are required to keep the tools. Callanecc (talkcontribslogs) 01:04, 24 November 2018 (UTC)
  • Support - Per nom, remove irresponsible "gaming the system" and just plan account security. - FlightTime (open channel) 02:44, 24 November 2018 (UTC)[reply]
  • Support The comments about unlogged admin actions, moral panic, and suggestions of how an admin could game the system miss the point which is that reducing the attack surface is the first principle of security. That's all. Unlogged admin actions can be solved with a cratchat to establish an exception for a particular case. Concern about biting inactive admins can be solved by crafting a good message thanking them for their work and letting them know they can easily regain the right. That process should emphasize the need to have a unique password. Almost certainly the hacking of several admin accounts in the last couple of years was done by people matching the list of admins with lists of user accounts hacked on other websites and finding cases where the hacked password was reused at Wikipedia. Admins who are genuinely active are much more likely to have thought about security and we can hope they use a unique password. Johnuniq (talk) 03:03, 24 November 2018 (UTC)[reply]
  • A further suggestion: how about not calling it "desysopping", but something like "suspension of administrative rights"? The admin in question is not being removed from the administrator corps, and can continue to do all the same administrative actions as before that do not require administrative rights (including deciding not to take any actions). Should the admin wish to take an action that requires the administrative rights, an extra step of requesting that administrative rights be re-enabled is needed. isaacl (talk) 03:21, 24 November 2018 (UTC)[reply]
  • Support This is a political question, and I'm strongly in favor of there being more situations where admins have to say hello at WP:BN after a moderate duration absence from regular activity, or re-RFA after a longer one. I do agree with the concerns that editing the various full-protected transclusions of the Main Page should be tracked as admin actions for inactivity measurements if this is implemented; the case that an editor only edits other full-protected pages is unlikely enough to be ignorable. power~enwiki (π, ν) 03:30, 24 November 2018 (UTC)[reply]
    I must note that I don't see the security concerns as a good reason to support this, though it's a plausible excuse to re-start this perennial discussion. A more effective way to handle security concerns would be to inform all admins who haven't changed their password since 2013 that they have 30 days to change their password to one that meets security guidelines, or they will lose their admin privileges. Simply reducing the number of admins does nothing good (I concede we could completely avoid the risk of hacked admins by having no admins at all); this proposal acts as a (weak) proxy for reducing the number of admins who have insecure accounts, which is what is needed. power~enwiki (π, ν) 03:30, 24 November 2018 (UTC)[reply]
    Is there a way to force password change, maybe in LocalSettings.php, say every 90 days or whatever span of time ? - FlightTime (open channel) 03:47, 24 November 2018 (UTC)[reply]
    I note you're both making an assumption that passwords created in 2013 or earlier don't meet current security guidelines, or assuming that the security guidelines should include mandatory password changes. You may want to read https://www.ftc.gov/news-events/blogs/techftc/2016/03/time-rethink-mandatory-password-changes about the latter. (P.S. Yes, mw:Manual:$wgPasswordExpirationDays exists) Anomie 15:49, 24 November 2018 (UTC)[reply]
I'm not assuming anything, I was merely asking a question. - FlightTime (open channel) 23:25, 24 November 2018 (UTC)[reply]
  • I don't assume that all early passwords are weaker, but I believe the software-enforced minimum password strength has increased over time (if you believe all the comments here, at one time 1-character passwords were allowed, and that certainly should not be allowed). Forcing everyone to do a one-time password rotation might be a better option. I don't support a mandatory 90-day expiration period; in my professional experience in the technology industry rotation periods of less than 1 year are almost always harmful in improving security. power~enwiki (π, ν) 16:15, 24 November 2018 (UTC)[reply]
  • Oppose - As others have said, there are admin actions which are not logged. There are a lot of permissions in the admin toolkit, and most are not logged, and many are of indirect, rather than direct use. This has been stated in every one of these discussions. That fact hasn't changed. Plus there are things admins do which require access to certain tools, but which may not need their actual usage in that specific instance. Such as closing a deletion discussion. Also, we prefer admins to embody restraint in regards to tools. This sort of proposal will just cause people to think they shouldn't act with restraint. And besides that, we'll start seeing logs bloat with barely accountable actions. Want an example? Handing out rollback is something an admin can do. And hey, it's even logged! So every admin just goes and gives rollback to someone. And to really make it fun, give rollback to an inactive admin... Tell me what's been solved? And finally, the moment an admin account has been compromised, wouldn't the compromiser immediately do an admin action? And so wouldn't that pretty much void the justification for this proposal? This may be a well-meant proposal, but it just really is a bad idea. - jc37 04:38, 24 November 2018 (UTC)[reply]
  • Support - Given recent events, this proposal is more than necessary. A year without a logged action is an enormous window, and any affected admin can just pop over to WP:BN and ask for the bit back. Nathan2055talk - contribs 05:23, 24 November 2018 (UTC)[reply]
  • Strongest possible oppose Does it ever occur to you that not all of us have smartphones and never plan to have them, so not all of us have the option of 2FA? I don't really have an opinion on changing the activity requirements, but don't take away my user rights as long as I'm using them in a proper fashion. Period. Nyttend (talk) 05:45, 24 November 2018 (UTC)[reply]
    Nyttend, 2FA isn't actually part of this proposal. I apologize for my earlier comment conflating the two ideas, but this is only about the activity requirements. Bradv 05:47, 24 November 2018 (UTC)[reply]
    And 2FA doesn't need a smartphone anyway - there are 2FA apps for computers too. Boing! said Zebedee (talk) 08:15, 24 November 2018 (UTC)[reply]
  • Support. - There are a few pretty egregious individuals, basically NOTHERE administrators, if you will, who do a couple bland edits a year to retain tools. We need to get a handle on how many or few administrators there actually are, and these phantoms impede an accurate assessment. Carrite (talk) 07:57, 24 November 2018 (UTC)[reply]
  • Support. As others have opined, if you're not going to use the admin tools then you shouldn't have them. And it's easy enough to restore the bit to someone who is genuinely going to use it. I'll just add that my opinion is not related to the recent hacks, it's a view I've held for a long time. Boing! said Zebedee (talk) 08:18, 24 November 2018 (UTC)[reply]
  • Support disabling inactive rights is basic risk management in any IT organisation. Doing one or two dummy edits a year is WP:GAMING of the inactivity rule and shouldn't be encouraged. --Pudeo (talk) 09:04, 24 November 2018 (UTC)[reply]
  • Agree that gaming the system is a problem. Disagree with the proposed solution to the problem of not notifying the inactive admin. The right way to deal with this is like we do with 3RR: an editor who repeatedly waits until just after the 24 hours is still treated as an edit warrior. Likewise, we can treat any pattern of dummy edits that are clearly designed to avoid the inactivity rules as we would treat any other inactivity. --Guy Macon (talk) 09:41, 24 November 2018 (UTC)[reply]
  • Support any proposal to tighten admin standards and accountability. feminist (talk) 09:55, 24 November 2018 (UTC)[reply]
  • Oppose This proposal as drafted risks exacerbating a bigger problem than it seeks to address. Our problem of admin retention is much much more serious than any problem that the current proposal is hoping to mitigate, and auto desysopping makes Wikipedia less welcoming for returning admins. I would be more relaxed if this was a more nuanced reform with the period of time that old admins could return after increasing and the introduction of a meaningful test for such returnees. For example one day of renewed activity (not necessarily contiguous) per year of absence, up to a maximum of ten years since being desysopped for inactivity. That would give the community a reasonable chance to assess if the returnee had remembered/refreshed and updated themselves about Wikipedia, and showed enough commonality and experience that they were likely the same person. ϢereSpielChequers 13:43, 24 November 2018 (UTC)[reply]
  • Why do we need to retain an admin who performs 1 admin. action a year? They are not productive in any meaningful way and simply inflate a headline Admin. count which does not reflect true productivity in any way. Rather like many of the stats. you churn out from time to time, it is a meaningless total when a large number do next to nothing. Leaky Caldron 14:27, 24 November 2018 (UTC)[reply]
  • Actually I'm not interested in retaining as admins those who only ever do one or two admin actions a year. I'm interested in retaining and keeping an open door for formerly active admins who might become active admins again in the future, such as retaining/reactivating more of the formerly active admins who return here after long periods of time. The problem is that once someone has dropped to a very low or zero level of activity we currently have few tools to tell who might return in the future and who will never return. So I've no problem assuming that those who have died won't be back, but with the project not quite 18 years old we have no way of knowing how many adolescents who go inactive after less than a decade of activity will return once they have retired, or before. We don't yet have anything close to a figure such as "after x years of inactivity the chance of return approaches zero". ϢereSpielChequers 17:07, 24 November 2018 (UTC)[reply]
  • Support This is a simple, non-punitive way to keep our admin roster at least a little bit up to date. Powerful tools should not be attached to inactive accounts, that's all. If people aren't using WP at all, they should not have admin tools. If they are only logging on once a year because they got an email warning, they should also not have admin tools. I agree with the proposal as written, with the one addition that a note should be put on their user talk page, AFTER the desysop, explaining what happened and why, with the assurance that it is just a security measure and does not reflect any wrongdoing on their part, and they can get their tools back via a simple request at BN. -- MelanieN (talk) 15:23, 24 November 2018 (UTC)[reply]
P.S. I very much like Isaacl's suggestion that such action be called "suspension of administrator rights" rather than "desysop". -- MelanieN (talk) 15:31, 24 November 2018 (UTC)[reply]
  • Oppose the wording as written above. There are plenty of times where I have been an active administrator even though I didn't use "logged administrative actions". Especially when I'm engaged at WP:AE, my preference is to do unlogged actions such as warnings, rather than blocks. I'm not opposed to tightening up the policy in other ways, like if someone has fewer than 10 edits per year, that might be reasonably viewed as inactive. Then again, if those edits are at administrator pages such as WP:ANI, WP:AE, comments at ArbCom pages, or anything in the Wikipedia space (as opposed to user/article pages), then I would see that as being more active. --Elonka 22:25, 24 November 2018 (UTC)[reply]
  • Support, sans 2FA and with the "suspension" wording. I've thought about this very carefully, particularly because I take the oppose comments by Risker and Opabinia very seriously. And I would be opposing if, hypothetically, the proposal were to require a new RfA. But posting a message at BN and waiting 24 hours – that's hardly a burden. I do agree with Ivanvector's analysis of partially reducing security risks (no need to let the perfect become the enemy of incremental improvement), and also with the view that we really expect active admins to be able to easily satisfy the revised requirements. Wikipedia is simply not the website that it was a decade ago. In some ways, we should expect more "professionalism" from all editors, but certainly this isn't an imposition on those users who want to have advanced permissions. --Tryptofish (talk) 22:46, 24 November 2018 (UTC)[reply]
  • Support - Regardless of the recent activity, this would be a good policy. "Retaining" admins who do not participate isn't retention. Onel5969 TT me 23:18, 24 November 2018 (UTC)[reply]
  • Oppose per Dweller. Kaldari (talk) 00:46, 25 November 2018 (UTC)[reply]
  • Weak Support As the incident involving Killiondude demonstrated, this can happen to anyone, and isn’t only limited to inactive admins. I support this only for the fact that it might be a more effective deterrent to a black hat trying to get access to vulnerable admin accounts. OhKayeSierra (talk) 01:03, 25 November 2018 (UTC)[reply]
  • Support tightening desysopping (or "suspension") rules though there is probably a better way to get around admins who may attempt to "game the system" by speedying a bullshit page they create in their userspace so they've technically logged an "admin action". Of course, if an admin just wants to keep the tools for fun rather than to use them constructively to improve the project, it reflects poorly on their suitability for having the bit in the first place, not to mention the security concerns discussed many times above. IntoThinAir (talk) 01:40, 25 November 2018 (UTC)[reply]
  • Support The potential for an admin who performs non-logged actions being de-sysoped is a non-starter for me. All it takes to stop that from happening is to do a 2-minute drop-in at requests for page protection once a year. The amount of time expense to do that is less than the amount of time expense to clean-up after a compromised account. Chetsford (talk) 05:26, 25 November 2018 (UTC)[reply]
  • Strong Oppose - I find the removal of a notification requirement to be a non-starter and contrary to our basic principle that someone should be notified before an action is taken against them. If someone is inactive, it does not mean that they will not come back nor that they cease being a member of the community. As someone who tends to come and go (and is also an admin) even if I'm not fully active at a given period, I do make occasional edits, maintain a strong, secure, and unique password, and see all messages (via notification and email) especially because I run a few bots. Further, the requirement for a "logged administrative action" as opposed to just editing seems to go against the spirit of us being here to build an encyclopedia and the goal that the appurtenant bureaucracy should just be ancillary. If someone is editing without using the tools it does not make them any less trusted or capable of using them responsibly when they do need to use them. Further, administrators can, and do, add value by helping at WP:DYK (where I personally do quite a bit of work), WP:EDITREQ, and in other places where the tools are of value or essential even if their use is not formally logged. Finally, I agree with Risker's comments above and do not believe that this will meaningfully increase security. If we want to increase security, the strength of your password, it not being reused elsewhere, and 2FA (current technical issues and lack of support notwithstanding) are much, much more important to look at than activity. Regretfully, it looks like the group targeting admin accounts has enough sophistication to understand a bit of our inner workings, if an outside actor were to compromise a highly active admin account (as has happened before), all they would need to do is wait for the user to be offline or asleep to act.
Our default edit counter (shown at the bottom of each user's contributions page) even has a "timecard" feature (see here for mine) which graphically shows a time distribution of your edits. Even if we were to disable this feature, it is not hard to figure out when I, or any other user, is almost never online. While I strongly agree account security, especially for accounts with advanced permissions, is essential, I cannot support this as I do not believe it helps us move towards additional security and am deeply concerned it could drive away valuable and respected editors and make it harder for them to return (similarly as Dweller pointed out above). Best, Mifter (talk) 06:27, 25 November 2018 (UTC)[reply]
  • Weak Oppose I want a solution that 1. fixes this problem and 2. doesn't feel punitive to good-faith admins who for whatever reason are inactive for a while. I'm not sure this proposal does either of those things. If we want to prevent hackable accounts causing problems, require ALL admins to change their password regularly. And is there any way to show on the password reset page the results of that little handy tool Guy Macon links to below? If admins are told when they reset their password how hackable their password is, and just how attractive a target WP is, I would assume good-faith admins would go ahead and create an unhackable phrase rather than coming up with yet another version of pa55w0rd. And if after that they still do create a crap password and get hacked, THEN they get punished lol valereee (talk) 12:21, 25 November 2018 (UTC)[reply]
  • Support. Inactive bits must be frozen. But given the number of administrators who are not convinced that security issues could be more than a "set-up to thwart Ivanka" ... we will probably have to wait for a big drama, followed by panic countermeasures imposed by SanFran. Pldx1 (talk) 14:43, 25 November 2018 (UTC)[reply]
  • Support. I would want admins to be actively using their tools, but I disagree with "logged actions" being the cut-off. Instead, I would want to extend this to any activity that could not be performed by a non-admin. I would want to have a notice given for admin accounts that are performing edits on a semi-regular/regular basis for the impending removal of rights, but for completely inactive accounts the notices seem unnecessary. Only providing notices to accounts with more than just a couple of edits a month would help to circumvent the problem of admins hogging their admin privileges when they are inactive. Dreamy Jazz 🎷 talk to me | my contributions 16:52, 25 November 2018 (UTC)[reply]
  • Oppose. I have been an admin for over ten years. I am an active editor; I'm on pretty much every day. My understanding always was that admin privileges are intended to be used sparingly. I try to warn vandals rather than block and I don't waste effort blocking IP accounts that appear to come from public terminals in schools. Usually after being warned and reverted a couple of times vandals just go away. I try to help settle disputes where I can and that often makes me an "involved editor" so I sometimes have to rely on other admins if my efforts fail and blocks are needed. A few times when I did use my bit, it just made a bad situation worse. Nonetheless, there are times when I do use it and often having to wait for permission to get it back would allow damage to persist too long. I would not object to tighter authentication requirements for admins, perhaps re-authentication when the bit is used after an absence from editing (rather than relying on "keep me logged in"). But I don't think admins who are active on the project should be incentivized to use their privileges any more than they deem necessary.--agr (talk) 17:35, 25 November 2018 (UTC)[reply]
  • Support If you do not use your administrator rights you do not need them, but I oppose the requirement of 2FA, as not all admins have phones and the way Wikipedia uses 2FA has issues. Abote2 (talk) 22:20, 25 November 2018 (UTC)[reply]
  • Oppose. Wikipedia is becoming more punitive. People should always be notified when things are planned that affect them. There seems to be a trend toward trying to make people do things in a particular way or in a particular time frame recently. I contend that this attitude is driving users away. As a volunteer organisation we should be doing everything we can to retain and encourage users. Also rushing to change policy in reaction to a specific situation is never a good idea. Morgan Leigh | Talk 22:28, 25 November 2018 (UTC)[reply]
  • Oppose. This is security theater. We are going to have compromised accounts and do need processes in place to prevent it, mitigate the damage, and allow recovery. The reduction in the size of the attack surface that would result from this policy change is simply not significant, and the consequences for editor engagement over time are considerable. The Uninvited Co., Inc. 00:22, 26 November 2018 (UTC)[reply]
  • Conditional support on the condition that any former sysop who hasn't fallen short of the 3-year lengthy inactivity rule can regain the sysop flag anytime via WP:BN. In other words, I would support this proposal for as long as it only removes the technical permission of an admin who still edits occasionally but hasn't used any admin privileges, but retains the policy permission for those admins to regain their technical permission whenever they need it back. Also strong oppose requiring the current implementation of WMF 2FA per diversity issues raised by Risker et al and the technical issues raised on phab:T172079. Deryck C. 16:05, 26 November 2018 (UTC)[reply]
  • Strong Oppose -- This won't solve any problems. Just see the recent temporary desysop of Killiondude. The account was compromised and the real editor had edited the day before. I would much rather see an actual activity requirement of say 25 logged actions per year (edits; blocks; user right changes; whatever). -- Dolotta (talk) 16:47, 26 November 2018 (UTC)[reply]
  • (edit conflict) Support the bit can be returned on request. There shouldn't be mandatory 2FA for all admins, as it might be too difficult for some. Besides, how would one get 2FA before, since if I recall users without advanced rights (admin, CheckUser, oversight, etc.) can't use 2FA. SemiHypercube 16:51, 26 November 2018 (UTC)[reply]
  • Support -- as long as it is easy enough to reinstate in extenuating cases (which seems to be the case here) no harm no foul.--Esprit15d • talkcontribs 00:02, 27 November 2018 (UTC)[reply]
  • Strong Oppose, ah, here we go yet again down the slippery slope. I've always seen admin activity requirements as unhelpful for a number of reasons, including but not limited to the effect that this would have to de-diversify the admin population, effectively shutting down the possibility of adminship to those who may not have reliable secure internet for long periods--military deployment, missionary work, humanitarian aid, and the like. Not even requiring notification adds an additional slap in the face for those who frankly have donated a lot of their free time to the project already. Andrew Lenahan - Starblind 18:54, 27 November 2018 (UTC)[reply]
  • Oppose – Right spirit; wrong proposal. Normal edits should count toward admin activity, since by editing actively, admins, who are of course all virtuous and knowledgeable, can show by example so admin actions don't have to be performed. Inform people that the bit is about to be taken away, especially because real admin activity, such as DYK actions, aren't even being counted. However, I'd make the activity requirement higher, like average one action a day, not a year. How does someone who does less vandal fighting in a year than I'm apt to do in a day get to keep their key to the executive broom closet? Dhtwiki (talk) 07:47, 28 November 2018 (UTC)[reply]
  • Support but I agree with Dhtwiki that this should just be about keeping your account active in general, not about making demonstrably 'admin' actions. To me, the point of de-sysopping inactive admin accounts is to maintain security of an account that has no one on the other end of it. If an administrator is active in any way, that means he or she is logging in regularly, (hopefully) changing the password and keeping it secure, etc. If we want to de-sysop an otherwise active sysop for lack of admin-specific activity, that's fine, but we should be doing so for all advanced permissions and separately from this proposal. CThomas3 (talk) 19:53, 28 November 2018 (UTC)[reply]

Questions about admin actions that are not logged as such

  • Comment - In theory, I support tighter guidelines on whether or not an admin is really making use of their tools. However, as pointed out above by Jo-Jo Eumerus and others, there are certain actions that require admin access, but are not logged as admin actions. DYK is a prime example, as some editors have become admins specifically for helping out on that project. There are some admins I see using their tools at DYK, and don't run across them elsewhere, but are vital to assisting that project. Devise a tool that logs ALL admin usage of tools, and I might be more willing to support this. — Maile (talk) 19:50, 22 November 2018 (UTC)[reply]
    DYK has come up a couple times. I'm not so familiar, but what do admins do at DYK that requires admin access but isn't logged? IMO it should be logged, or it should not require admin rights. Ivanvector (Talk/Edits) 19:58, 22 November 2018 (UTC)[reply]
    They use editprotected. --Izno (talk) 20:01, 22 November 2018 (UTC)[reply]
    Ah I see. Surely we could (should?) log edits to protected pages? Maybe that's a separate discussion too. Ivanvector (Talk/Edits) 20:10, 22 November 2018 (UTC)[reply]
    @Ivanvector: technically they are already logged, just not in any manner that is easy to find. Obviously "group" edits (like MediaWiki:, .json files, etc) are easy to filter, but the other ones are not. I wonder if this is a red herring though (i.e. how many admins are completely inactive in all logged actions but still routinely use editprotected?) — xaosflux Talk 20:43, 22 November 2018 (UTC)[reply]
    Does it require admin tools to create and maintain bots and scripts? That's also a key part of DYK. — Maile (talk) 20:37, 22 November 2018 (UTC)[reply]
    I don't believe so, I think anyone can operate a bot if it's approved, unless it's a bot with admin rights. Scripts might require interface admin now, I'm not sure. Ivanvector (Talk/Edits) 21:08, 22 November 2018 (UTC)[reply]

The last 10 humans, and the operator of the last bot, to edit Template:Did you know, made their most recent logged admin action this long ago:

| Admin | Last logged admin action | Days ago |
|---|---|---|
| Alex Shih | 2018-11-18 | 4 |
| Anarchyte | 2018-11-22 | 0 |
| Art LaPella | 2018-07-13 | 132 |
| Shubinator (operator of DYKUpdateBot) | 2018-03-26 | 241 |
| Dumelow | 2018-11-05 | 17 |
| Fish and karate | 2018-11-21 | 1 |
| Fram | 2018-11-22 | 0 |
| Gatoclass | 2016-09-22 | 791 |
| Huon | 2018-11-21 | 1 |
| Mike Peel | 2018-11-09 | 13 |
| Vanamonde93 | 2018-11-19 | 3 |

As you can see, Gatoclass is the only one who would lose their adminship with this proposal. Thryduulf (talk) 22:51, 22 November 2018 (UTC)[reply]

Thryduulf of the ones you list above, Shubinator is unique in that his bots keep the process running. He's the only one who would know what admin actions he's taken that don't show on his normal logs - but I think DYK would be up a creek without him behind the scenes. You don't list Wugapodes, and his logs look pretty active, but he operates WugBot that is also essential to the DYK processes. The others are directly involved in the edit protected areas of DYK that directly affect what appears on the Main Page. — Maile (talk) 01:34, 23 November 2018 (UTC)[reply]
I believe I wasn't listed because I'm not an admin, only pending changes and (recently) new page reviewer. WugBot doesn't have editprotected rights and doesn't need them as the approved page isn't under full protection, just the Queue for the mainpage. Wugapodes [thɑk] [ˈkan.ˌʧɹɪbz] 02:47, 23 November 2018 (UTC)[reply]
Although my understanding of logging administrator actions is dim, I believe I could have been desysopped for one year of miscalculated inactivity from Sept. 15, 2014 to Sept. 25, 2015, and also Sept. 26, 2012 to Apr. 22, 2014. That's logged actions only. Realistically, I'm far from inactive; I proofread everything on the Main Page, not just Did You Know. So it isn't just Gatoclass. But if you'd rather fix typos without me, my business could use more attention. Art LaPella (talk) 06:03, 23 November 2018 (UTC)[reply]
I saw that filter you're working on, it looks good so far. As for viewdelete, are there really that many admins that only look at deleted pages and do nothing else? Ivanvector (Talk/Edits) 15:02, 23 November 2018 (UTC)[reply]
Indeed, while you can have admins look just to answer individual's questions (why was it deleted etc), usually I'd expect it to be associated with one of: DELREV, CSD, Salting/Unsalting, copyvio, block discussions. Nosebagbear (talk) 15:21, 23 November 2018 (UTC)[reply]
I mean I'm sure there are cases where you just look at a deleted page and then do nothing else. But does anyone only look at deleted pages, but never do anything with them, or any other logged actions? That seems unlikely to me, but then again I was wrong about DYK and editprotected, so as it turns out I don't have all the answers. Ivanvector (Talk/Edits) 18:25, 23 November 2018 (UTC)[reply]
Personally, I feel viewing a deleted page to be something that an administrator is authorized to do, but not an administrative action in itself. Using the knowledge gleaned from this to weigh in on a discussion would be an administrative action. However I don't see any way to log this automatically. isaacl (talk) 23:17, 23 November 2018 (UTC)[reply]
  • Also noting that I oppose counting non-logged admin actions that is next to impossible to track after the fact. Seriously, it really isn’t that difficult to do one completely non-controversial logged action a year, and handwringing over something that is easily reversed and can be easily fixed for a year isn’t justified, especially given the extra work that would be required. I would support keeping the one year notice, though. TonyBallioni (talk) 22:35, 23 November 2018 (UTC)[reply]
  • It does appear that DYK is the single exception where an admin is actually doing useful admin work without logging any actions. As demonstrated above this would impact only one single admin's rights. That doesn't seem sufficient cause for not doing this, we can just IAR for that one admin. Beeblebrox (talk) 02:09, 24 November 2018 (UTC)[reply]
    At least two admins. And probably Shubinator. And it's the complete Main Page, not just DYK. Art LaPella (talk) 03:49, 24 November 2018 (UTC)[reply]
    I actually provided another example in this very thread.--Ymblanter (talk) 08:24, 24 November 2018 (UTC)[reply]
  • I think that one of the most valuable things that administrators do is say no....say no to blocking someone, say no to protecting a page, say no to deleting... And yes, there's lots of work happening in places like Arbcom enforcement and even admin noticeboards by admins who don't need to take logged admin actions in order for them to be effective as administrators. If someone is actually around and doing things, it really doesn't matter whether or not they're doing logged admin actions. I will make a proposal above. Risker (talk) 02:17, 24 November 2018 (UTC)[reply]
    • But do you think it is reasonable for an administrator to say no to literally everything? All they have to do is say yes one time (or however many actions the limit is determined to be). If we have a sysop that is saying no to every request, I would find it very hard to believe it is not a WP:POINT situation, and they should not be an admin anyway. Natureium (talk) 13:46, 24 November 2018 (UTC)[reply]
  • As I understand it, there is currently no logging of the use of admin accounts to view deleted edits. This is one of my most common uses of the tools, for example in checking out a candidate or potential candidate at RFA. I'm actually a little uncomfortable about the idea of an admin account quietly lurking and occasionally being used to view deleted edits, but we have in the past had a very active nominator who made little or no use of the tools apart from viewing deleted edits. So I would welcome some sort of log that at least recorded when an admin had last looked at deleted edits, provided it didn't log what specifically they viewed. ϢereSpielChequers 13:32, 24 November 2018 (UTC)[reply]
    I've created an AF log for "protected edits" that can be seen here: Special:AbuseFilter/942 - a 'viewdelete' log would require software changes so it's a bit hard. For example @WereSpielChequers: can you point out any specific admins who have gone a year with no protected edits, no logged actions - that you think are still using viewdelete usefully? — xaosflux Talk 15:52, 24 November 2018 (UTC)[reply]
    Great, thanks.--Ymblanter (talk) 16:09, 24 November 2018 (UTC)[reply]
    @Xaosflux Thanks. As I said we had an active nominator in the past who as I remember it had not otherwise used the tools for some time. I don't know if there is such an admin at present. But there are plenty of occasions where view deleted is useful, if you are about to recreate a previously deleted page sometimes the only way to know that the previous A7 deletion was of a "14 year old professional skateboarder" and unlikely to be the same person as the diplomat or academic of the same name who you are writing about. ϢereSpielChequers 16:42, 24 November 2018 (UTC)[reply]
    Will this filter be automatically disabled if it matches more than 5% of edits, or does this wiki have a different setting for $wgAbuseFilterEmergencyDisableThreshold? I don't see anything about this on Wikipedia:Edit filter. I've run into that problem a lot on other wikis where I've worked with abuse filters, and I'm guessing the restriction was put in place to prevent situations like this incident that occurred here. Or is this not a concern because there are so many edits to English Wikipedia that it would never reach 5%? ekips39 (talk) 22:23, 24 November 2018 (UTC)[reply]
    @Ekips39: the sheer amount of other edits should keep this down, it is currently running at about a 0.02% hit rate against edits. — xaosflux Talk 04:20, 25 November 2018 (UTC)[reply]

Alternative ideas

This has been a very good discussion and I'm very impressed with the diversity of comments, thanks everyone. I've definitely learned some things and had my assumptions challenged. Based on the key points raised up to this point I have an alternative suggestion:

  • An account is considered inactive when it has no presence on the website at all (no edits, no logged actions) for 91 days.
  • When an account is flagged inactive, we force a password reset and send the accountholder instructions to change their password, by email (if the account has email enabled) and with a notice on their user talk page. (The current password reset instructions are here)
  • If/when the user wants to resume using their account, with all its previous permissions, all they have to do is reset their password.
  • Since the password must be reset before the account can be used again, no permissions are changed (unless the account becomes subject to the lengthy inactivity policy)
  • I believe requesting a password reset counts as a logged action; it's present in the Checkuser log at least but of course that's not public, and it rotates after 90 days anyway. At any rate, the accountholder resetting their password should reset the 91 day clock, and if someone wants to string along keeping their admin access by resetting their password every three months, that's not really a security issue.
  • 91 days is just an illustrative number I pulled out of my ass, it could be any reasonable number.
  • Two admin accounts (at least) and several others with other advanced permissions have been compromised while we've been talking about this.

I think that this catches all of the concerns raised about admins who are active but don't log actions, about automatic removal of permissions, and about accounts being hacked due to old reused password hacks on other websites. Some issues are:

  • Accounts that don't have email enabled or accountholders who lose access to the email they provided on sign-up could be locked out. I think these situations can be handled by contacting Arbcom but I've never had to so I don't really know.
  • Accounts that are active will never be required to change their password, but that's already the case.
  • There is nothing in this alternative (nor in the original) that requires strong passwords or extra authentication factors, other than having an email address.

Any thoughts on something like this? Ivanvector (Talk/Edits) 15:52, 24 November 2018 (UTC)[reply]

The WMF security team is actively working to introduce technical measures that will prevent future attacks along the same vector that compromised the most recent two admin accounts. I'd argue that they are the experts and should be the ones making the call in this area. Us debating the pros and cons of each potential security measure not only exposes all of their cons in public, making it easier for an attacker to work around, but also is far less effective because most of us aren't experts in the area.
My suggestion is to limit discussion on this topic to what would generally promote account security, without getting into detailed technical solutions. De-flagging inactive accounts is good because it reduces the attack surface. I feel like any of these discussions are more about punishing the barely-active admins who dare to have other things going on in their lives than editing Wikipedia rather than actually being about security best practices, but I guess it's at least being considered. -- Ajraddatz (talk) 16:59, 24 November 2018 (UTC)[reply]
I disagree pretty much with everything you've said. "The office is working on it" is no substitute for community discussion on local policies, especially since the security team does things in a silo, slowly, with no accountability to the actual users of this project. There is no sinister ulterior motive here to punish anybody, or drive anyone away, or ... anything, I apparently can't anticipate the bullshit schemes people are going to insist on reading into this. It's about security best practices, and responding to an actual and ongoing security threat in any way that the local community is capable, because the security team has not. You seem to think that this hacker is an idiot and isn't already aware of all the things being discussed here, like these are brand new ideas that haven't already been implemented by security-conscious websites pretty much everywhere in the world for years now. The website haveibeenpwned.com has been tracking security breaches for five years of exactly the sort of info that's very likely being used to hack idle accounts here, and the best innovation we've had from the WMF in that time is a beta 2FA implementation that's problematic for many users, if the WMF allows them to use it at all. We don't need more vague promises that the under-resourced WMF has "top men working on it", we need a response now. Anything less is grossly irresponsible. Ivanvector (Talk/Edits) 18:47, 24 November 2018 (UTC)[reply]
I think the hacker is aware of discussions like this, or at least able to find them. I'll email you about some of the other points. -- Ajraddatz (talk) 18:55, 24 November 2018 (UTC)[reply]
Just to note that how we are having admin-account vandalism has been publicized (even though it would take just a bit of reading on en.wiki to figure out what's been happening). This basically means that the security hole due to the ability to hack into admin accounts could get worse. --Masem (t) 01:48, 25 November 2018 (UTC)[reply]
Would it help to send an e-mail to all administrators alerting them on the incident and asking to evaluate the strength of their password and to change it if necessary? Those who do not have e-mail enabled can get a talk page message.--Ymblanter (talk) 10:41, 25 November 2018 (UTC)[reply]
  • A simple alternative While not having much of the finesse of Ivanvector's latest proposal in this section, using recent-ish changes it would (I believe) be trivially simple to assign the bit as a temporary (365 day) permission, with an expiry on the anniversary of the admin's initial grant of the bit. Perhaps a 24hr pause before re-granting to anybody who had been absent for a significant period. Simple to do, no new infrastructure needed, no advertising of inactive accounts - I think this meets the requirements. Cabayi (talk) 14:28, 27 November 2018 (UTC)[reply]

Separate section for comments that are only about 2FA

  • Regarding 2FA, I don't remember (or just don't know, really) if anyone has access to stats on which accounts have it turned on or not. If we do, and we're not yet comfortable requiring it to be turned on for admins, maybe we can do something like enforce periodic password resets for admins that don't opt in. That's not part of this proposal, I'm just throwing out ideas. (I have 2FA turned on, ftr) Ivanvector (Talk/Edits) 19:27, 22 November 2018 (UTC)[reply]
    Well, I have a password which can not be broken. I do not want to turn on TFA because I (almost) do not use a cell phone. I am not sure why WMF thinks they are more clever than I, and I am already unhappy with 2FA requirement for interface admins - I will possibly have to resign my interface admin rights, but if RFA is required for all admins, I am not sure what I am going to decide. If you want to lose admins with zero benefit, this is probably the way to go.--Ymblanter (talk) 19:33, 22 November 2018 (UTC)[reply]
Neither a data plan nor a smart phone is required. All 2FA processing is done off-line, using a seed number and the current time to generate a key. Apps such as Google Authenticator and FreeOTP can run on any Android or iOS device without a data connection (and FreeOTP can be downloaded on your PC from here and sideloaded onto an Android device if WiFi isn't available for installation). If you do not have a smartphone/pda/media player that runs Android or iOS, you can get PC-based programs to generate the codes (WinAuth and Authy seem to be the most popular, and there are more options available for Linux-based computers such as gauth and oathtool). --Ahecht (TALK PAGE) 19:46, 26 November 2018 (UTC)[reply]
This is a good discussion, but I've broken it out from the main proposal so as not to distract too much. I like our 2FA implementation because I always have my phone with me, and because my phone is also my authentication device for my office email, but of course it's not perfect for everyone. We could fall back on the "email you a code" type 2FA that some other sites use (Steam is one, and I hate it, my email server is slow) if it were possible to choose different authentication methods. Again, just a thought. Ivanvector (Talk/Edits) 19:55, 22 November 2018 (UTC)[reply]
In light of the number of reset requests I am wondering if the current 2FA methods run too high a risk of getting locked out of one's account. Besides, not all people are tech savvy enough to work with one device 2FA or have more than one device available at any time. Jo-Jo Eumerus (talk, contributions) 20:36, 22 November 2018 (UTC)[reply]
  • You would have lost me as an admin if you'd required TFA. Not only is it far beyond my level of technical comfort, and makes it all too easy to get locked out, I'm not going to spend $400 plus data plan for a smartphone for Wikipedia or anybody else. Massive imposition for little gain to the project in terms of security. Yngvadottir (talk) 22:55, 22 November 2018 (UTC)[reply]
  • Ditto. I act as an admin as a favour to Wikipedia, sysop status isn't a favour Wikipedia does to me. I have no intention of committing to permanently owning—and having permanent access to—an expensive piece of technology which requires a permanent and expensive subscription, purely because Wikipedia is having one of its periodic bouts of security paranoia, and if that means someone else has to clean out CAT:EX instead of me I believe I can live with the loss. ‑ Iridescent 23:01, 22 November 2018 (UTC)[reply]
@Iridescent: I can understand where you, Ymblanter, and Yngvadottir are coming from in relation to having 2FA be a requirement, but it's not as much of a commitment as the ghastly WP:2FA leads on. The most popular applications for this process are for mobile (namely Google Authenticator and Authy), but PC-based applications exist too. There are a few listed here, and there are others, like WinAuth for Windows. If you use Google Chrome, Authy has an available plugin. Unfortunately, I was unable to find any for Mac (that were not already listed) or Firefox. I didn't bother looking for Safari ones, and Brave, along with Opera I believe, primarily use Chrome extensions. Internet Explorer/EDGE are both a mess, so I'd recommend to anyone using those to swap browsers anyway. If losing the codes is what you worry about, scratch codes are generated when you enable 2FA. Email these to yourself and you'll never lose access to your account, even if you lose or change device. Anarchyte (talk | work) 23:33, 22 November 2018 (UTC)[reply]
gauth is available for Firefox. I should also note that Google Authenticator does not require a "permanent and expensive subscription", and it doesn't even require any internet access beyond the initial installation (which can be done via WiFi). Used android devices are readily available cheaply ($10-$20) without a data plan if you don't need the latest and greatest flagship model. --Ahecht (TALK PAGE) 19:53, 26 November 2018 (UTC)[reply]
  • Just noting as I did above that there are multiple functionaries that do not have 2FA, and for a variety of reasons, I would not even want to force this on CheckUsers or Oversighters, including but not limited to the fact that the security paranoia that Iridescent describes is very real and there are some plain insane ideas on functionary account security out there and there is a part of me that fears making this a requirement would be a slippery slope to some really dumb measures that would make a lot of people quit (yes, slippery slope is a bad argument, but WMF projects tend to make technical changes all at once if they ever happen.)
    That was all about functionaries, who I think should have a higher level of account security than admins because of the ability to access personal data. If we currently don't require CU/OS to do it, and I don't think we should, we certainly shouldn't extend the requirement to admins without those tools. TonyBallioni (talk) 01:36, 23 November 2018 (UTC)[reply]
    @TonyBallioni: it is being discussed see phab:T197160. — xaosflux Talk 05:55, 23 November 2018 (UTC)[reply]
    Xaosflux, thanks. -revi pointed me to the CU one and one for changing user rights. My general view on this is what I said in the CU one: there is no world where it should be more difficult to run a CU than it was for me to wire money to buy a house, which is an accurate description of some of the suggestions that have been made re: 2FA and the CU tool. TonyBallioni (talk) 06:17, 23 November 2018 (UTC)[reply]
  • Wikipedia, and the entire Wikimedia movement, is committed to creating and maintaining a diverse community. That means including people who have limited access to technology (in some cases, even limited access to software), people who do not have a lot of money, people who live in countries where it is not legal to own certain types of technology (or could result in significant state surveillance if owned). This is not an abstract concept - I personally know administrators who live well below the poverty line, some of whom don't even own their own computers; others who can't afford to maintain a second piece of technology like a mobile phone; and still others who live in countries where using 2FA would probably result in their being incarcerated. Frankly, there's almost nothing that an admin account can do that will result in any real level of off-wiki scrutiny. Admin accounts that go rogue are pretty easily globally locked. I also completely and fully endorse everything that Iridescent said. This is security theatre and is completely out of proportion to the problem it's trying to solve. Risker (talk) 04:51, 23 November 2018 (UTC)[reply]
    • Risker, not to mention that the most recent confirmed account compromises involving stewards (which *actually* could have had real life implications given the potential access to CU data on multiple projects) could not have been stopped by 2FA. TonyBallioni (talk) 04:59, 23 November 2018 (UTC)[reply]
      • @TonyBallioni: Would you be able to link me to these compromises involving stewards? I haven't been keeping up, but I don't entirely understand how 2FA couldn't have stopped it (unless their computers were infected, in which case nothing would have prevented it as they were already logged in). Anarchyte (talk | work) 05:05, 23 November 2018 (UTC)[reply]
I can confirm it has happened, but currently there is no on-wiki postmortem. — regards, Revi 05:10, 23 November 2018 (UTC)[reply]
And I can confirm that even those stew with 2FA were compromised. I can't talk about the details per BEANS (and other security constraints). — regards, Revi 05:12, 23 November 2018 (UTC) [ Clarification: The stew with 2FA compromised is NOT related to this incident. I'm talking about the past incident. — regards, Revi 03:42, 25 November 2018 (UTC) ][reply]
Thank you for the (albeit restricted) clarification, -revi, though I can't help but think that something else must have also played a role in the compromising of the accounts. Having two separate devices prevents malware from getting to both the username and password, and the ever-generating 2FA code (I could give you my current 2FA code and it would be useless by the time you read this message). This is especially true given the major authenticators do not use accounts and are wiped if they're reinstalled (and, in the case of iPhones at least, are not saved to iCloud or iTunes when backed up to a computer). If someone's LastPass or 1Password are hacked and their 2FA system is compromised, then it's not the fault of the system but rather the poor security employed by the account holder. This is all under the assumption that all the issues were at the user's end and that someone didn't just walk up to a computer with a logged in account (in which case ∞FA wouldn't have prevented it). Anarchyte (talk | work) 05:30, 23 November 2018 (UTC)[reply]
Requiring someone to own two separate pieces of expensive technology in order to be an administrator on a Wikipedia project is completely inappropriate and extremely exclusionary to anyone who doesn't have the ability to pay out thousands of dollars a year. We choose administrators because they are sensible, not because of their bank accounts or geographic location. Americans in particular seem to find it shocking that in a lot of countries, the phone that costs $200 in the US costs six months' wages, and that in other countries the typical internet connection costs 10-15 times as much as the average American family will pay. I pay about 3 times as much as the average American for considerably less access. Risker (talk) 05:55, 23 November 2018 (UTC)[reply]
@Risker: I noted this in a response above, but you do not need two devices to enable 2FA. Sure, it's more "secure" to use more than one, but downloading WinAuth for Windows (which has an extra layer of protection through a password and locking the data to your Windows user account) or Authy for Chrome accomplishes the exact same task. The only thing preventing someone from installing those pieces of software (or a Mac equivalent on this list) would be if the device has restrictions preventing non-vetted exes from running or if they are locked to a clean web browser.
I tested WinAuth while writing this response and it was very intuitive. See here for an image gallery explaining the process. Anarchyte (talk | work) 06:45, 23 November 2018 (UTC)[reply]
Good on you for trying to find a solution, Anarchyte; I do appreciate the effort. But again, it is entirely dependent on the user owning certain technology. It does not address the person who edits from school or public libraries, for example; as I've worked my way through the Wikimedia world, I've learned that what we take for granted here in the "Western" world is not the norm in the rest of the world. The WMF has already identified increased diversity as a critical goal in the coming decade, and so solutions need to be developed that not only accommodate but are actually focused on ensuring that people who don't own computers/smartphones can actively participate in our projects, and there are quite a few projects of languages from the poorest countries in the world. I'd like to encourage you to think more about how we can ensure that those projects can have their own admins - because we all have seen that once rules like this get applied to enwiki, they go through all of the Wikimedia projects unless there's an extremely concerted effort by a very big player (like German Wikipedia, for example). Risker (talk) 09:13, 23 November 2018 (UTC)[reply]
@Risker: Hmm, yeah. I didn't consider the precedent this would set. 2FA is a very loose term and doesn't have to be auto-generating 30-second-life-span codes accessed through secondary devices. An idea Ivanvector mentioned above, that I've also had experience with, is having codes emailed to a user. These will last longer (a few hours), have basically the same effect (prevent people from entering an account through a username/password breach), but will be slightly less secure due to the account's standing being entirely dependent on one outlet (the email address). Another idea that Steam and a few other applications use, like Facebook and Google, is remembering devices rather than browsers. I have literally no idea how this could be implemented (especially as it's a website rather than an app), but the gist is to have it so the user sets a device as being "okay" and then when the user logs in from these devices, it won't ask for verification. This prevents easy log-ins from hackers with one's username and password but doesn't hinder the account holder (usually). Anarchyte (talk | work) 10:03, 23 November 2018 (UTC)[reply]
"Remembering devices rather than browsers" is a total non-starter. As Risker says, it's easy for the core "relatively wealthy middle-aged people in Five Eyes countries" editor base to lose sight of the fact that sizeable chunks of the editor base don't operate on the same "home computer and a cellphone" basis. We have people who edit from work where they might be using a different terminal each day; people who edit from public libraries where it will obviously be inappropriate to install software; people who live in places China and Belarus where using any kind of secure system will make the authorities assume you're up to something and start prying into your private life; a fairly large contingent of serving military who edit Wikipedia as a hobby in their downtime on base and for whom installing unauthorized software on the computers or suspicious activity on their personal devices would likely get them locked up… If there were a genuine, serious issue to address then it would conceivably be justifiable to de facto ban particular chunks of the editor base from becoming admins, but since nobody's demonstrated any problem more significant than "a handful of admins used the same password for Wikipedia and Twitter and failed to change it when Twitter's password database leaked", that would seem to be a sledgehammer/nut situation. ‑ Iridescent 10:31, 23 November 2018 (UTC)[reply]
You're right, Iridescent. The email idea was the one I was going with to resolve the issue of not having a designated device and the "remembering devices rather than browsers" was to try to alleviate the concerns of those who think 2FA is too much of a hassle. Apologies if this wasn't clear. Anarchyte (talk | work) 10:48, 23 November 2018 (UTC)[reply]
(edit conflict) Without saying too much, this really wasn't a 2FA problem. I'm not anti-2FA (I use it myself and recommend anyone with advanced permissions where it is practical do so), but I also recognize there are valid reasons not to have it. Some financial. Some personal. Some just ease of using the technology, which can be an issue. It isn't a silver bullet and while it does provide an added layer of security, the fervor with which it is promoted when a high-profile compromise happens can miss the point that it is simply one tool for protecting your account, and that people should take reasonable steps to have a secure account as fits their particular situation. Mine allows for 2FA. I know of several functionaries where their situation doesn't allow for it. They all take reasonable precautions with their accounts, which is really all we can ask of them. What I would really like to see is a WMF password audit, as that would likely be a much more high yield activity, but I suspect that isn't happening anytime soon. TonyBallioni (talk) 06:53, 23 November 2018 (UTC)[reply]
Mandating 2FA would impose additional hassle on hundreds of administrators. And what problem would it solve? We had a compromised admin account. It made 8 or 10 admin actions, it was globally locked, the actions they had made were reverted, done. Pragmatically in terms of "person hours" it is much quicker to resolve such issues in the way we currently resolve them than it would be to make every administrator jump through 2FA hoops, all the additional hassle for stewards resetting passwords when people bodge up their login or lose their phone, and so on. Mandating 2FA would be an overreaction to a very infrequent problem. Fish+Karate 09:21, 23 November 2018 (UTC)[reply]
  • For what it's worth, I'm also opposed to mandatory 2FA for any level of account. I use it myself because it works for me, but I absolutely understand that there are technological and financial challenges with WMF's implementation (and/or in general) for many users. Strong passwords and good password hygiene are also important, but we can't really mandate those things, we can only advise and recommend. Just to add info to the pile, I use a password manager along with 2FA wherever it's available, I use passwords generated by the manager or xkpasswd for things I really need to remember, and I've moved money out of accounts with banks that still use a six digit number as an internet password. Ivanvector (Talk/Edits) 14:59, 23 November 2018 (UTC)[reply]
  • Given the problems that come with it (both inherent and any via a flawed system) then I wouldn't say anyone short of a steward or IntAdmin should need it. In its ideal form I am neutral to obligating it for admins - but certainly not at this time. Nosebagbear (talk) 15:23, 23 November 2018 (UTC)[reply]
  • With the second administrator being compromised today (3rd one this year) it is time to make having 2FA be a mandatory component for all new Admins (passing a RFA), all Admins requesting simple Resysoping, and all advanced privilege (Requiring identification to Foundation) holders. We've seen what a compromised admin and oversighter can do. Fundamentally the 2FA is one of the least intrusive ways to make the attack surface more difficult to succeed at. Hasteur (talk) 22:39, 23 November 2018 (UTC)[reply]
    • Hi, Hasteur. The WMF does not require identification of advanced permission holders, and has not required this for several years. There are many reasons for this; amongst the more important is that they do not have a method of securely storing the identification information, and the simple fact that they will not be able to verify that the identification documents sent to them truly belong to the person behind the account. Instead we are all required to read and sign a confidentiality agreement with our logged-in user accounts. Risker (talk) 04:28, 25 November 2018 (UTC)[reply]
  • I oppose mandatory 2FA: a proper password is plenty secure, while with 2FA it's too easy to lock yourself out of your account. Imposing 2FA would also effectively mean requiring admins to maintain committed identities and so on to convince sysadmins to unlock their accounts. BethNaught (talk) 10:14, 24 November 2018 (UTC)[reply]
  • As others have pointed out 2FA is fine for a real world organisation where employees work several hours at a time and are identified to HR and company IT/Security. It isn't such a good fit for a volunteer organisation like this, and can actually militate against editor retention, specifically editors returning after multi year holidays - not a common issue for corporate IT. If password protection for admins needs to be improved, then set some software in place to force a password reset on any admin account with a password shorter than 16 digits. ϢereSpielChequers 13:05, 24 November 2018 (UTC)[reply]
  • I won't be using 2FA. 3 reasons: (1) I have a unique, long, password (as does the email account I use only for Wikipedia) (2) Having seen the results of an organisation I did some consultancy work for when they introduced 2FA ... yeah, you can probably guess the rest... (3) You seen the mobile reception round here? Black Kite (talk) 23:32, 24 November 2018 (UTC)[reply]
    @Black Kite: just to clarify, our 2FA solution is not "on line", that is no connectivity is required between the authentication device and anything else, not for enrollment and not for use. — xaosflux Talk 20:26, 25 November 2018 (UTC)[reply]
  • Heh, I accidentally locked myself out of my own account this morning. I logged out to use one of my alts, forgetting that I had just started a system update on my phone and couldn't access my authenticator app. I could've looked up my scratch codes to get back in but I didn't have anything urgent to do so I just waited for the update to finish. I'm just saying 1) it happens to people who think they know what they're doing, and 2) you can recover your account if you do something dumb like this, but it's a hassle (it's supposed to be a hassle). Ivanvector (Talk/Edits) 17:14, 25 November 2018 (UTC)[reply]

Mandatory 2FA considered harmful

Allowing 2FA is fine, as long as the scheme used meets the requirements of [ https://pages.nist.gov/800-63-3/sp800-63b.html#sec5 ]. Encouraging 2FA is also fine. Requiring 2FA is a really, really bad idea. It is security theater, and in general is less secure than simply using a long, easy-to-remember but difficult-to-guess passphrase.

https://www.makeuseof.com/tag/two-factor-authentication-sms-apps/

https://www.wired.com/story/two-factor-authentication-apps-authy-google-authenticator/

https://thestack.com/security/2016/04/08/anywhere-computing-makes-2fa-insecure-on-ios-and-android/

--Guy Macon (talk) 07:38, 23 November 2018 (UTC)[reply]

I'll note that the articles you provided counter your point of passphrases being good enough. "And remember, any 2FA is better than no 2FA. Yes, it might take you an extra 10 seconds to log into certain apps, but it’s better than sacrificing your security." "the few minutes it takes to set up an authenticator app are more than worth the benefit". Here are three articles that support the use of 2FA:
Calling it a security theatre is subjective, and the article from The Stack is contradicted as "anywhere computing" relates to syncing information across devices, and these applications don't do that (at least Google Authenticator and WinAuth). I can understand possible situations in which someone cannot enable 2FA, but I see little reason to not if you can. So what if it takes someone an extra two minutes to log in? I'd much rather have to do that every so often than wake up to find my account compromised because Wikipedia or the connected email was hacked. And that goes for most sites that offer 2FA (I might not use a site's 2FA if I rarely use the site, but if someone's an admin+, it's hopefully safe to assume they're somewhat dedicated). Anarchyte (talk | work) 08:23, 23 November 2018 (UTC)[reply]
Just to comment - it is pretty clearly security theatre to suggest that the way to prevent compromise of admin accounts is to apply 2FA, when the last two reported admin or higher account compromises would not have been prevented even if the compromised accounts had had 2FA. It is also pretty clearly security theatre to suggest that removing admin permissions at a lower threshold will prevent situations where the accounts need to be blocked/locked/desysopped, when the overwhelming majority of admin accounts that have been desysopped would have met just about any activity criterion the community could reasonably come up with. So yeah. Security theatre. Risker (talk) 09:24, 23 November 2018 (UTC)[reply]
We hear about the successful attacks to compromise accounts, but never the unsuccessful ones. While I'm doubtful it has occurred, we would never be able to know if someone managed to guess the password to an admin's account who had 2FA enabled. There's a ping if they get it wrong a certain amount of time, but nothing for getting 66% of the way there (33% each for username, password, and 2FA). If that's an example of a security theatre, so is requiring CVVs for credit cards. It's simply a fail-safe to prevent people from giving away all their information. You could take a photo of the front of your card and no one could purchase anything online. I could give you my password and you wouldn't be able to access my account. I'm not saying 2FA is the be-all-end-all; just like CVVs aren't. If they were, we would never have a breached 2FA-enabled account and we would never have to worry about people using someone else's credit card. It's an extra layer of protection. Anarchyte (talk | work) 09:47, 23 November 2018 (UTC)[reply]
That's a false analogy. Compromise of a credit card causes the real loss of real money. Compromise of a Wikipedia account—even an admin account—causes someone to be a mild nuisance for a couple of minutes before having their contributions rolled back. Even assuming every editor had access to the technological means to use 2FA, an additional 10 seconds per day adds up when you multiply it by 1000-ish admins (not to mention the opportunity cost of "I've just noticed a problem, but I won't bother logging in to fix it because it would mean going downstairs, finding the phone and turning it on"). There are theoretical ways a compromised account could do genuine damage and force the WMF to perform a database rollback, but they've never once happened. The risk from a genuine holder of advanced permissions leaking data or systematically disrupting is orders of magnitude greater than the risk from a potentially compromised account, and even installing iris recognition on the computers of every admin would have zero impact on admins becoming disgruntled, drunk, involved in personal vendettas, or just bored. ‑ Iridescent 10:46, 23 November 2018 (UTC)[reply]
Fraud is usually intercepted by the bank and the account gets locked with the money spent being charged back, when possible. With this said, the analogy wasn't to give perspective to the connotations, rather that fail-safes like 2FA are all around us. I agree with your other points, though. Anarchyte (talk | work) 11:01, 23 November 2018 (UTC)[reply]
Going off of Iri’s point, this just happened, and while the account claims compromise, that is unlikely and in every likelihood we had a CheckUser on another WMF project (who at one point had access to en.wiki data that was stored on CU-wiki) was operating a goodhand-badhand sock situation on multiple wikis. Compromise is a concern obviously, but the chance of admin socking or a functionary going rogue is actually a much greater risk in my view. Again, I am not anti-2FA, but I do think we need to have a realistic view of actual risks. TonyBallioni (talk) 22:45, 23 November 2018 (UTC)[reply]
Sure, but did we ever have a breach of an account with say 20+ character password which was not reused on any other sites? Ideally if the recovery mail is also protected by a 20+ character password which has never been used elsewhere?--Ymblanter (talk) 11:17, 23 November 2018 (UTC)[reply]
People haven't been going around revealing their compromised passwords. Length isn't the defining factor, complexity is. See this 8-10GB file of hacked passwords and you'll see that while less common, accounts with randomised passwords still get hacked. These sites may not be Wikipedia (some are actually bigger: 150 million Adobe and 165 million LinkedIn accounts, for instance) but we'd be ignorant to assume we can't be hacked. Anarchyte (talk | work) 12:05, 23 November 2018 (UTC)[reply]
I kinda get the feeling that if we make 2FA mandatory, that will just become the next target. If we don't make it mandatory but everyone on the site still used 2FA (except me because my password would take "4.06 hundred million trillion centuries" to crack and isn't listed in any dumps) then passwords remain the more visible option (even if they only get my password well after homo sapiens is no longer a thing). If someone is not going to use 2FA, they need to check for their passwords on Have I Been Pwned? and if there's any chance it might have leaked, change it to something that will outlast the site. Ian.thomson (talk) 17:00, 25 November 2018 (UTC)[reply]
If credential stuffing is what's going on here, a better idea is to use a unique password on Wikipedia which you do not use and have not ever used on any other website. If it's a brute force attack then Macon's Principle is a good guide. And then there's session hijacking, and for that I don't know, but I do know if you log out of Wikipedia it logs out all of your sessions on all devices. Ivanvector (Talk/Edits) 17:10, 25 November 2018 (UTC)[reply]
In my experience, if you log out once you are logged out of all sessions at all devices. (Though I must confess I was this year in a situation on my ipad when I was logged on the English Wikipedia but not on Commons or Wikidata).--Ymblanter (talk) 17:41, 25 November 2018 (UTC)[reply]
Correct. Logging out of any Wikimedia site logs you out of all of them. Additionally, changing your password logs you out of all sessions besides the one used to change the password. In light of the recent events, I decided to change mine (and my 2FA secret key) to verify this. I recommend other people do the same even if you think your password will take aeons to crack. Anarchyte (talk | work) 04:35, 26 November 2018 (UTC)[reply]

Macon's Principle

(If the following is too long for you, just read https://xkcd.com/936/ and https://xkcd.com/538/ and skip to the next section.)

Two factor authentication has its uses, but it is no substitute for a passphrase that is easy to remember and hard for a high-speed offline passphrase-guessing program to guess. I have decided to call this "Macon's principle" so that I don't have to type "choose a passphrase that is easy to remember and hard for a high-speed offline passphrase-guessing program to guess" again and again.

If you follow Macon's principle, 2FA or any other form of add-on security is not needed.

As explained at Kerckhoffs's principle and Security through obscurity, we are not to rely on anything other than having a sufficiently long (See Brute-force attack) passphrase without any easy-for-a-computer-to-guess patterns in it.

We are to assume that the attacker knows every byte of information on the WMF servers (and in fact the attacker may actually be someone who knows every byte of information on the WMF servers -- If a nation-state offered a key WMF employee millions of dollars if he complied and made a credible threat to torture and kill his family if he didn't, there is a 99%+ chance that they would end up knowing every byte of information on the WMF servers.)

We are not to assume that the attacker cannot perform a high-speed offline passphrase-guessing attack.

We are not to assume anything about the amount of cleverness and computing power that the attacker has, other than arguments based upon basic math and physics (The attacker cannot spend more time than the age of the universe, he cannot have more memory available than the size of the universe will hold -- that sort of thing).

The WMF does not store your passphrase anywhere. When you enter it, a cryptographic hash is performed and the result compared with a stored hash. This means that an attacker who knows every byte of information on the WMF servers can perform a high-speed offline passphrase-guessing attack, but cannot simply look up your passphrase and use it to log on.

So according to Kerckhoffs's principle, you should choose a passphrase that is easy to remember and hard for a high-speed offline passphrase-guessing program to guess. The passphrase should only exist in your mind; never write it down, never say it out loud, never store it on any computer or online system.

Bad ways to follow Macon's principle

  • Passwords instead of passphrases (single words instead of strings of words with spaces between them).
  • Random gibberish.
  • Short passwords or passphrases. 8 is awful, 16 is marginal, 24 is pretty good, 32 is so good that there is no real point going longer.
  • Character substitutions (Example: ch4r4ct3r sub5t|tut10ns)

Good ways to follow Macon's principle

  • Use a standard English sentence with proper grammar, spelling, and punctuation.
  • Make it longer than 32 characters and have it contain at least three (four is better) longish words plus whatever short words, capitalization and punctuation are needed to make it grammatically correct.
  • Make sure that sentence has never been entered anywhere on your hard drive (including deleted files) or on the internet. "My Hovercraft Is Full of Eels" is bad because a dictionary that contains every phrase used in Monty Python's Flying Circus would find it.[8]
  • Make it meaningful, easy to remember, and something that generates a strong mental image.
  • Make it meaningful to you, but unguessable by others (don't use your favorite team, first kiss, mother's maiden name, etc.)

An example of a good passphrase that follows Macon's principle would be:

 Sherwood painted his Subaru pink so that it would blend in with his flamingos.

(This assumes that you actually know someone named Sherwood and that he owns a non-pink Subaru. To make it easy to visualize and remember, you should use a name/car from among your acquaintances)

That's 78 characters that nobody in the history of the earth ever put together in that order until I wrote it. Typos really stand out (Sherwood paibted his Subaru pink so that it would blend in with his flamingos.) and are easy to correct. The sun will burn out long before the fastest possible passphrase-guessing program completes 0.01% of its search. And yet it would be far easier to remember than the far easier (for a computer) to guess HZn?m+jW1 would be.

(Side note: When I say "Use a standard English sentence with proper grammar, spelling, and punctuation." I mean use what you consider to be a standard English sentence with proper grammar, spelling, and punctuation. If, you, overuse, commas, and, kant, spel, that's fine as long as you do it the same way every time. And if you are better at Spanish, use what you consider to be a standard Spanish sentence with proper grammar, spelling, and punctuation. Just write your passphrase in whatever way you normally write. If you are handicapped in such a way that you cannot type the same thing every time, sorry, but you are hosed on Wikipedia or on any other system that requires a username or password. My advice also doesn't work if you are in a coma or are Amish and not allowed to use a computer. None of this applies to Wikipedia users.)

I could walk you through the math, but Steve Gibson has already done it for us. See [ https://www.grc.com/haystack.htm ]. Just type in your current password/passphrase and it will tell you how well it does against a brute force password guessing attack. The calculation is done locally, using JavaScript, so the password doesn't leave your computer.

If you don't want to risk typing in your password, try these 8-character test passwords (Generated from an atomic decay true random number generator):

  • HZn?m+jW (chosen from the 95 ASCII printable characters (01...89abc...xyzABC...XYZ `~!@#$%^&*()-_=+[{]}\|;:'",<.>/?)) - 7.66 hours to crack.
  • PhBixXL4 (chosen from the 62 ASCII a-z/ABC-Z/0-9 characters (01...89abc...xyzABC...XYZ)) - 36.99 minutes to crack.
  • qza7nm3g (chosen from the 36 ASCII a-z/0-9 characters (0123456789abcdefghijklmnopqrstuvwxyz)) - 29.02 seconds to crack.
  • pgupwmxn (chosen from the 26 ASCII a-z characters (abcdefghijklmnopqrstuvwxyz)) - 2.17 seconds to crack.
  • 54606559 (chosen from 10 ASCII 0-9 characters (0123456789)) - 0.00111 seconds to crack.

Try it with 12 characters, 16 characters, etc.

Now try "Sherwood painted his Subaru pink so that it would blend in with his flamingos." on the GRC calculator. The time to crack goes from minutes or seconds to ten billion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion centuries.

I should also mention dictionary attacks. My collection of cracking dictionaries is getting big enough that I will likely have to buy a bigger drive to hold them soon. (No, I am not a malicious hacker. Some companies hire me to evaluate their security. Or at least that's the story I am telling now... :) ) The good news is that if you use two words in a dictionary separated by a space, the time for an exhaustive search is squared, and with three it is cubed. The example I made up above "Sherwood painted his Subaru pink so that it would blend in with his flamingos." has 14 dictionary words. Even if the dictionary was really tiny (say, 1000 words), that's 10^42 guesses. And such a tiny dictionary is unlikely to contain "Sherwood" (with the capitalization) "Subaru", or "flamingos." (with the trailing period). So "Sherwood painted his Subaru pink so that it would blend in with his flamingos." is also ridiculously resistant to dictionary attacks.

--Guy Macon (talk) 17:21, 23 November 2018 (UTC)[reply]
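The figures quoted in the post above can be reproduced with a haystack-style exhaustive-search model. This is an added example, not code from the post or from GRC; the class sizes (26 lower, 26 upper, 10 digits, 33 symbols including space) and the rate of 10^11 guesses per second are assumptions chosen because they match the post's numbers.

```python
import string

# Character classes used to size the attacker's alphabet (assumed model).
CLASSES = {
    "lower": set(string.ascii_lowercase),         # 26
    "upper": set(string.ascii_uppercase),         # 26
    "digit": set(string.digits),                  # 10
    "symbol": set(string.punctuation + " "),      # 32 punctuation marks + space = 33
}

# Assumed offline guessing rate; 54606559 at 0.00111 s implies about 1e11 per second.
GUESSES_PER_SECOND = 10**11
SECONDS_PER_CENTURY = 100 * 365.25 * 86400


def alphabet_size(password):
    """Sum the sizes of every character class that occurs in the password."""
    known = set().union(*CLASSES.values())
    stray = [c for c in password if c not in known]
    if stray:
        raise ValueError(f"characters outside printable ASCII: {stray!r}")
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))


def search_space(password):
    """Count all strings of length 1..len(password) over that alphabet."""
    size = alphabet_size(password)
    return sum(size**length for length in range(1, len(password) + 1))


def seconds_to_exhaust(password, rate=GUESSES_PER_SECOND):
    """Worst-case time for a brute-force search at the given guess rate."""
    return search_space(password) / rate


def word_search_space(dictionary_size, n_words):
    """Exhaustive search over n_words drawn from a dictionary (the 1000**14 case)."""
    return dictionary_size**n_words


if __name__ == "__main__":
    samples = ["54606559", "pgupwmxn", "qza7nm3g", "PhBixXL4", "HZn?m+jW",
               "Sherwood painted his Subaru pink so that it would blend in "
               "with his flamingos."]
    for pw in samples:
        secs = seconds_to_exhaust(pw)
        print(f"{len(pw):3d} chars, alphabet {alphabet_size(pw):2d}: "
              f"{secs:.3g} s = {secs / SECONDS_PER_CENTURY:.3g} centuries")
    print("14 words from a 1000-word dictionary:", word_search_space(1000, 14))
```

Under this model HZn?m+jW is scored against 85 characters rather than 95, because it contains no digit; that is what yields 7.66 hours.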

How about also randomizing the sapces? E.g, S herwoodp aintedh isS ubarup inks ot hati tw ouldb lendi nw ithh isflamingos? ——SerialNumber54129 14:29, 24 November 2018 (UTC)[reply]
That would take exactly as long to brute-force crack, and how are you going to remember where you randomized the spaces? Ivanvector (Talk/Edits) 15:53, 24 November 2018 (UTC)[reply]
Exactly so. Randomizing the spaces violates one of my suggestions (Use a standard English sentence with proper grammar, spelling, and punctuation) and adds zero benefit. More importantly, Serial Number 54129 should have entered his suggested passphrase into [ https://www.grc.com/haystack.htm ] and compared it with "Sherwood painted his Subaru pink so that it would blend in with his flamingos." That would have told him the relative strength of the two passphrases against a brute force password guessing attack. --Guy Macon (talk) 22:13, 24 November 2018 (UTC)[reply]
Hm, just mentioning here that a very short phrase -- the names of my best friend's weirdly named cats -- shows as taking at minimum 38 centuries to crack. Which would actually protect me in every case except someone who knew me well enough to make that educated guess. Thanks for this info, Guy Macon. --valereee (talk) 12:06, 25 November 2018 (UTC)[reply]
Sherwood painted his Subaru pink so that it would blend in with his flamingos.
Trouble is, after a period of non-use, this could easily be misremembered as containing any one of
  • so that it would match
  • so that it blended in with
  • so that it would go with
  • so it would blend in with
et cetera. And that's just one part of the sentence: Sherwood might have sprayed his Subaru, or had it painted, or....
The XKCD suggestion is better, I think: just four words.
The next problem is that the Wikimedia websites require just one among perhaps fifty passwords that are required of me (many of them used only once a year or so). If I'm not to store them on my hard drive, then how should I remember them? -- Hoary (talk) 12:18, 25 November 2018 (UTC)[reply]
Remember, you should create a mental image of Sherwood painting his Subaru pink and of it blending in with his flamingos. If the language that first comes to your mind is "matching his flamingos" use that language, and create a mental image of him putting them next to each other and seeing if they match.
Last "problem" first: Use a password manager that keeps all of your passwords in an encrypted container so you only have to remember the one macon's-principle-compliant passphrase that accesses the rest. This also solves the "seldom used" problem; you end up using it a couple of times every day.
For most people Passsafe[9] is a good choice for a password manager. I often do engineering work inside of a factory in China in an industry (toys) where the threat of industrial espionage is high, so for me every webpage gets a password like this: weO'5QvWH6oeRjKQ;EU/I@alk#<0CJ5a/&FmHrV>/}O5]p{+Km}gJ~^e9'5=tznK and all of the passwords are stored as text files on a thumb drive that is encrypted using Veracrypt using multiple algorithms. Most people don't need that level of protection.
Next, it is not true that the XKCD advice is better than mine. That comic was written as an example showing that "correct horse battery staple" is easier for a human to remember and harder for a computer to guess than the "Tr0ub4or&3" alternative -- which it clearly is. Note that he assumes 1000 guesses per second, which violates Kerckhoffs's principle. We are not to assume that the attacker cannot perform a high-speed offline passphrase-guessing attack. We are not to assume anything about the amount of cleverness and computing power that the attacker has, other than arguments based upon basic math and physics (The attacker cannot spend more time than the age of the universe, he cannot have more memory available than the size of the universe will hold -- that sort of thing).
If you apply Macon's principle to the XKCD comic, you get the following very strong passphrase:
      The horse said "That's a battery staple". I replied, "Correct!"
Randall Munroe knows all of this, but I challenge anyone to fit all of the details needed to apply Macon's principle into a six-panel comic.
Here is a discussion of the math behind that particular comic:
http://security.stackexchange.com/a/6096/33
Or, as Bruce Schneier wrote: "This is why the oft-cited XKCD scheme for generating passwords [...] is no longer good advice. The password crackers are on to this trick."[10] --Guy Macon (talk) 16:18, 25 November 2018 (UTC)[reply]
Bruce is wrong about this, as several of the comments on his page point out. As long as the words in the passphrase are chosen uniformly randomly from a list or dictionary, the entropy of the passphrase can be computed from the number of words in the passphrase, N and the number of words in the list, L, as entropy = N*log2(L). If the entropy is high enough, cracking is not going to work. It doesn't matter that the cracker knows how you are doing this. One way to get uniformly random words is using dice. See Diceware. (COI alert, I'm the developer.) Your method, by contrast, requires people to exercise judgement on what is random enough, and there is plenty of experience to show that most people fail miserably at that. Also passphrases generated your way can easily be longer than many systems will accept. The latest NIST SP800-63b guidelines, linked above, require only 64 characters to be accepted. Your pink flamingo password is longer than that. And many (most?) systems do not even meet the NIST requirements. (Does Wikipedia?) And of course typing a passphrase that long without error, especially on mobile devices, is not easy. Making up a sentence using the random words is a great idea as a memory aid, but there is no need to make the sentence the passphrase.--agr (talk) 18:02, 25 November 2018 (UTC)[reply]
The diceware method is an excellent way of constructing a passphrase. I highly recommend it, especially if you use the EFF's long word list for five dice (or one die rolled five times).[11] Anyone using the diceware method instead of my method will also be insanely secure against both dictionary attacks and against brute-force guessing attacks. I have never heard of anyone or any computer program ever guessing a Diceware passphrase.
That being said, as you yourself pointed out in 2014, the four words that XKCD mentions (note that Randall Munroe never actually says that "correct horse battery staple" is sufficient, only that it is easier for a human to remember and harder for a computer to guess than "Tr0ub4or&3" is) are a couple of words too few:
"For the average user I now recommend a passphrase with six Diceware words, or five words with one extra character chosen and placed at random. This is a change from my previous advice [five words]..." --Source: The Diceware Security Blog
In my opinion (and this is a judgement call - I may be wrong), compared with my method Diceware is much more resistant to the well-known human tendency to make non-random, guessable choices, but (also IMO) my method gives you a passphrase that is easier to memorize and remember after a long time of not using it compared to a Diceware passphrase. --Guy Macon (talk) 07:02, 26 November 2018 (UTC)[reply]
Not intending to get into an argument with you, Guy Macon, just testing my understanding ... by, um, arguing. (Sorry!)
The horse said "That's a battery staple". I replied, "Correct!"
is clearly superior to
correct horse battery staple
(or whatever it was), all things being equal. But not all things are equal, it seems to me. If I want to log in here via my phone (which BTW is something I don't remember ever having done, and would be very reluctant to do), then I'd have to (i) remember the former precisely, (ii) paste it from text copied from elsewhere in the phone's memory (bad!), or (iii) read it off a piece of paper (bad!). As for my own computer, it's rare that I need to specify my password; when this happened, I wouldn't remember if I'd had "replied", "responded" or "answered" (etc etc); and if I'm reading it out of some file I might as well copy
correct horse battery staple bismuth fortuitous banana
(or whatever) out of it and paste that as do the same with the two sentences -- which are indeed hugely more easy for short-term human memory but I imagine [disclaimer: I am not a cognitive scientist] just about as hard, or possibly even harder, for precise memorization over a long period. (Or possibly the problem is that my memory is unusually crappy.)
I don't think what I'm saying contradicts what I understand as your main point, for which I'm grateful (and according to which I intend to upgrade some of my passwords). -- Hoary (talk) 01:40, 26 November 2018 (UTC)[reply]
I am in basic agreement with you. It is significantly harder to compose a passphrase that doesn't have significant "I replied\I said" memorization problems when you start with a list of words someone else chooses. I should modify my advice to talk about that. --Guy Macon (talk) 07:02, 26 November 2018 (UTC)[reply]
While I do recommend a six-word passphrase, a four word passphrase like correct horse battery staple is still far stronger than what most people use and is unlikely to appear in a list of previously hacked passwords. I don't disagree that The horse said "That's a battery staple". I replied, "Correct!" is stronger. The question is whether the improvement is worth the added typing. Your passphrase is 61 characters long, vs 28 for the original. I'm not aware of any way to quantify how much more entropy your passphrase gains over XKCD's original, but most people do fairly predictable things when given open-ended advice like make up a sentence with these words. My metric is bits of entropy per keystroke. In my view, entering passwords accurately is the biggest cost to users. Very few people are going to memorize more than a few strong pass phrases. That's why I recommend writing them down or using a good password manager with a strong master pass phrase. The threat these days is not someone stealing your wallet, it's lists of hashed passwords being stolen and cracked offline at very high speed, billions per second. My Diceware list was chosen to minimize word length, and hence passphrase size, for any chosen level of security. The EFF uses much longer words, which I think is silly, but it's a personal choice. Again making up a sentence from a random passphrase as a memory aid is fine, but using the sentence as the passphrase itself is a very inefficient way to increase security. For what it's worth, I also have a tool for generating mnemonic sentences from any random 10-letter string. Random letter strings may be a better choice for mobile devices, which are becoming more common than PCs as an Internet access tool. The best path forward, I believe, is stronger ways for storing password validation data so that stolen lists are much harder or infeasible to crack. That's been the focus of my recent research.
How does Wikimedia store its passwords?--agr (talk) 17:08, 26 November 2018 (UTC)[reply]
To partially answer my own question, I found a page https://www.mediawiki.org/wiki/Manual:User_table that describes the Wikimedia default which is pbkdf2 with 10000 iterations of sha256 and salt. That's not bad, but a memory intensive algorithm like scrypt or argon2 (or my RockSalt) would be better. Still, the default shifts the likely threat to using a password that has been cracked before and is high on a list of common passwords.--agr (talk) 17:30, 26 November 2018 (UTC)[reply]
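The two ideas in the comments above (word-list entropy N*log2(L) with words picked by dice, and salted PBKDF2-SHA256 with 10000 iterations), as an added example that is not MediaWiki's or Diceware's own code. The record format, the 36-word list and the attacker's rate are constructed assumptions.

```python
import hashlib
import hmac
import math
import secrets

ITERATIONS = 10_000          # iteration count quoted in the comment above
HASH_NAME = "sha256"         # hash quoted in the comment above

# Constructed 36-word list (6**2 entries, so two dice pick one word).
# A real Diceware list has 6**5 = 7776 entries and uses five dice per word.
WORDS = ("acorn badge cedar delta ember fjord gravel harbor ivory jolly kiosk "
         "lemon mango noble oasis pearl quartz raven salsa tulip umbra velvet "
         "walnut xenon yacht zebra amber birch coral dune eagle flint glade "
         "heron inlet jade").split()


def dice_to_index(rolls):
    """Read dice rolls (1..6 each) as base-6 digits to get a uniform list index."""
    index = 0
    for roll in rolls:
        if not 1 <= roll <= 6:
            raise ValueError("each roll must be 1..6")
        index = index * 6 + (roll - 1)
    return index


def roll_passphrase(wordlist, n_words):
    """Pick n_words uniformly at random, simulating dice with the OS CSPRNG."""
    dice, size = 0, 1
    while size < len(wordlist):
        size *= 6
        dice += 1
    if size != len(wordlist):
        raise ValueError("word list length must be a power of 6")
    picks = []
    for _ in range(n_words):
        rolls = [secrets.randbelow(6) + 1 for _ in range(dice)]
        picks.append(wordlist[dice_to_index(rolls)])
    return " ".join(picks)


def entropy_bits(n_words, list_size):
    """entropy = N * log2(L); valid only for uniformly random word choices."""
    return n_words * math.log2(list_size)


def hash_password(password, iterations=ITERATIONS):
    """Return a self-describing record (hypothetical format) with a fresh salt."""
    salt = secrets.token_bytes(16)
    key = hashlib.pbkdf2_hmac(HASH_NAME, password.encode("utf-8"), salt, iterations)
    return f"pbkdf2:{HASH_NAME}:{iterations}:{salt.hex()}:{key.hex()}"


def verify_password(password, record):
    """Recompute with the stored parameters and compare in constant time."""
    try:
        scheme, name, iterations, salt_hex, key_hex = record.split(":")
        if scheme != "pbkdf2":
            return False
        key = hashlib.pbkdf2_hmac(name, password.encode("utf-8"),
                                  bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(key, bytes.fromhex(key_hex))
    except ValueError:       # malformed record or unknown hash name
        return False


def average_crack_years(bits, iterations_per_second, iterations=ITERATIONS):
    """Expected offline search time: half the space, one PBKDF2 run per guess."""
    guesses_per_second = iterations_per_second / iterations
    return 2 ** (bits - 1) / guesses_per_second / (365.25 * 86400)


if __name__ == "__main__":
    phrase = roll_passphrase(WORDS, 6)
    record = hash_password(phrase)
    print(phrase, "->", record)
    print("verifies:", verify_password(phrase, record))
    for n in (4, 5, 6):
        bits = entropy_bits(n, 7776)
        # 1e10 PBKDF2 iterations per second is an assumed attacker capability.
        print(f"{n} words: {bits:.1f} bits, "
              f"{average_crack_years(bits, 1e10):.3g} years on average")
```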
Guy Macon, I'm not clear about the advantage of including word spaces rather than using a continuous string. Is it just that it makes it longer without increasing the difficulty of memorization? DGG ( talk ) 20:01, 27 November 2018 (UTC)[reply]
Itdoeslittletomakethingsharderforanattacker(anyreasonablycompetentattackerwilluseadictionarythattrieseveryphrasewithandwithoutspaces,d1fferentc|-|aractersub5titutions,etc.),butitishardertorememberandeasiertomakeatypowhenyourpassphrasedoesn'tusestandardspelling,punctuation,andgrammar. Guy Macon (talk) 23:59, 27 November 2018 (UTC)[reply]

2FA is not just about "cracking" passwords

There's a huge amount of text here so I'm not sure whether the point has been made elsewhere, but I think it's worth calling out explicitly.

All the stuff about "Macon's principle" is fine, if the only thing you have to worry about is whether a password can be brute-forced. Unfortunately it isn't.

What happens if you need to log in from a public library or a Kinko's? There's probably no keylogger installed on the machine. But there could be. Are you going to come up with another seven-word meaningful and unguessable sentence and change your password?

With 2FA, you can go ahead and log in and not worry about it too much. Probably no one captured your password. But even if someone did, he/she will have a hard time using it. It isn't theoretically perfect, but it's pretty good, which in real-life situations sometimes has to be good enough. --Trovatore (talk) 19:56, 25 November 2018 (UTC)[reply]

Trovatore makes some very good points. There are indeed more ways to attack your login than just a brute force or dictionary guessing attack. Even the "In any event when I go out, I never login to public devices. My laptop always comes with me" method described above could be vulnerable to a hidden camera attack or an Evil maid attack. There was a case where an Israeli counter-terrorism unit hired a magician to do a quick swap of a cellphone sitting on a desk with the owner right next to it, some other spies in the next room quickly cloned everything on the cell phone into another one with some special hardware built in, then the magician did another quick switch. Also see: 11 ways to hack 2FA and Security News This Week: Oh Good, Hackers Beat Two-Factor to Rob Bank Accounts

In our case, we aren't terrorists or spies and are extremely unlikely to receive such individual attention. For us, the most likely attack is someone trying multiple Wikipedia accounts looking for a guessable password. A less likely but still plausible threat is someone bribing/threatening a key WMF employer, gaining access to our list of password hashes, and doing a high-speed brute force password-guessing attack.

2FA is fine, until someone concludes that 2FA means they don't have to choose a passphrase that is easy to remember and hard for a high-speed offline passphrase-guessing program to guess. --Guy Macon (talk) 07:42, 26 November 2018 (UTC)[reply]

Account security is only as good as its weakest point. Anarchyte (talk | work) 08:30, 26 November 2018 (UTC)[reply]
...usually. If either guessing your passphrase OR faking your fingerprint will give the attacker access, then both your passphrase and the fingerprint reader have to be resistant to attack -- the system is indeed only as good as its weakest part. But if guessing your passphrase AND faking your fingerprint are needed to give the attacker access, the system is at least as good as its strongest part. --Guy Macon (talk) 00:10, 28 November 2018 (UTC)[reply]

Help interpreting policies

I have found about a billion WP:POLICIES, but is there some page somewhere on which you can ask for help in applying them? In this case I'm charged with having committed a personal attack which I deny. Who determines who is right? ImTheIP (talk) 16:05, 24 November 2018 (UTC)[reply]

If you can't resolve the situation with the user who is saying you've made a personal attack, you can ask for a review of the situation at (most likely) WP:ANI, but be advised that it's called the "drama board" for a reason. Your comment that another editor is "being a little obtuse" is, very strictly speaking, an ad hominem, but I think it's stretching the definition of a personal attack pretty far to have called you on it (courtesy ping Shrike). My advice is to ignore it. Ivanvector (Talk/Edits) 16:17, 24 November 2018 (UTC)[reply]
Keep mind its a discretionary topic area which you operate in. If you continue calling others "obtuse". I will ask for you conduct will be reviewed at WP:AE --Shrike (talk) 16:42, 24 November 2018 (UTC)[reply]
@Shrike: just to be clear because apparently I wasn't, I advised ImTheIP to ignore your warning because you're being ridiculous. Calling someone "a little obtuse" is perhaps the most mild insult in the history of the internet. Ivanvector (Talk/Edits) 16:55, 24 November 2018 (UTC)[reply]
@Ivanvector: What if if said in return that he is obtuse too? Would you think this a proper way to built encyclopedia? That per our policy should be built in "collegial atmosphere" --Shrike (talk) 17:00, 24 November 2018 (UTC)[reply]
@Shrike: Someone who is obtuse has difficulty understanding things. It is not an insult. Perhaps as English is not your first language you should try to understand usage before threatening others here? Maybe it is you who is obtuse? Leaky Caldron 17:19, 24 November 2018 (UTC)[reply]
"Perhaps as English is not your first language" Those of us for whom English is not a second language should not be saying to those of us for whom English is a second language that they are "obtuse". (No comment on what constitutes a personal attack or not.) Bus stop (talk) 17:50, 26 November 2018 (UTC)[reply]

Pronunciations of Japanese place names

This topic may be related to Wikipedia:Manual of Style/Pronunciation. Here I focus on, so to say, representative pronunciations in the common Japanese, like those which are adopted in NHK newscasts. I am a native speaker of Japanese.

Currently in some English Wikipedia articles featuring a Japanese local self-governing body, the pronunciation is described not properly. This is mainly because a Japanese place name which ends in a lower pitch when it is used as one word, such as Kōbe, ends in a higher pitch when it is followed by a suffix meaning a prefecture or municipality to make a compound, as in Kōbe-shi.
For example, the indication "Kobe (神戸市, Kōbe-shi, Japanese: [koːꜜbe])" (in the latest version of the article Kobe) is inappropriate, because the compound 神戸市 is actually pronounced like [koːbeꜜɕi].
To highlight this difference in the patterns of pitches, the best way is to show the pronunciations of both the place name itself and the compound with a pitch-drop mark, as in the latest version of the article Kyoto.
However, a detailed description of pitches may not be helpful to people who usually do not have to speak Japanese, such as temporary foreign travelers to Japan. For such people not to mispronounce or confuse Japanese proper nouns, the information on pitches may be unnecessary.
(Regarding the place name Kyōto, I know two pitch patterns. Personally, I pronounce the latter half of [oː] and the following [to] in a lower pitch, as in the sample voice linked from the article Kyoto. In the other pattern, which I suppose could be heard in some Kansai dialects, only [to] is pronounced in a lower pitch. Such variation of pitch patterns, however, may not be significant for most Wikipedia readers.)
Also, a more Wikipedia-fundamental problem is, pronunciations now shown in those articles are presumably not supported by a reliable source. (I suppose NHK日本語発音アクセント新辞典 (NHK's New Dictionary of Japanese Pronunciation and Accentuation; ISBN-13: 978-4140113455) would work as a good source.)

How do you think we should describe pronunciations of Japanese place names? Especially, should we include or omit the information on pitches?

Thank you. --Dumpty-Humpty (talk) 16:14, 24 November 2018 (UTC)[reply]

@Dumpty-Humpty: You may be interested in Wikipedia:Manual of Style/Japan-related articles. --Izno (talk) 19:18, 24 November 2018 (UTC)
I would suggest moving the pronunciation to a footnote and including both versions. My second choice would be to remove the pronunciation entirely. Kaldari (talk) 00:56, 25 November 2018 (UTC)
Izno, I doubt that Dumpty-Humpty would be interested in Wikipedia:Manual of Style/Japan-related articles: It says next to nothing about pronunciation. Dumpty-Humpty, I hadn't noticed that en:WP attempts to indicate akusento; and now that you draw my attention to this, I'm surprised. It seems a rather unnecessary complication, given that few people are likely to be interested and those people are likely to have the NHK dictionary you recommend, or something similar. However, you might ask about it at Wikipedia talk:Manual of Style/Japan-related articles. -- Hoary (talk) 13:55, 25 November 2018 (UTC)

User rights issue

The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.


I am currently a user who has user rights Auto-Confirmed and Auto-Patrolled. With that right, am I allowed to edit another user's user page? (talk) 13:15, 26 November 2018 (UTC)

Hey Adithyak1997. It's not totally clear that I understand your question. The vast majority of the time, not having these user permissions does not interfere with your ability to edit pages, only those comparatively few pages that have been protected in one form or another. If you mean whether you can ask questions or make comments on user talk pages, again, the vast majority of the time you should be technically able to do so regardless. If you mean whether you can edit someone's main user page, then the answer is that it's generally going to be seen as rude or otherwise disruptive to do so, since these pages are for individual users to post whatever information about themselves they may like, and not really a place for other editors to add content. GMGtalk 13:23, 26 November 2018 (UTC)
I need to know whether this edit comes under the name vandalism. Adithyak1997 (talk) 13:25, 26 November 2018 (UTC)
Well, Adithyak1997, it's not clear that would necessarily be considered vandalism, at least not by the English Wikipedia definition, since that requires a good measure of explicit bad faith. However, as I indicated above, it is often considered rude to edit others' user pages, and if there is a major problem that needs fixing, it's probably better to leave them a note on their talk page informing them of the issue, rather than making the edits yourself. In pretty much any case, if someone asks you to stop doing something, then the appropriate response is usually to stop and discuss with them why they don't think the edits are appropriate.
Having said all that, it does look like Irvin calicut, who left you the warning on the Malayalam Wikipedia, does also speak decent English, and they may want to weigh in further. GMGtalk 13:39, 26 November 2018 (UTC)
So my edit doesn't lead to vandalism right? Adithyak1997 (talk) 13:42, 26 November 2018 (UTC)
It's completely possible that I'm missing a bit of nuance given the language difference, but generally no, an apparent good faith effort to fix depreciated markup would not generally be considered vandalism, but that doesn't necessarily mean it is particularly helpful, or that it isn't done in a way that might be considered rude. GMGtalk 13:48, 26 November 2018 (UTC)
The proper place to be asking this question is at ml.wiki. Policies and practices there are not governed by policies and practices here.
Trappist the monk (talk) 13:51, 26 November 2018 (UTC)
I was actually going to ask there. But through reading of the document vandalism, I didn't find that my edit leads to vandalism. So, just for a reference only I asked it here. Adithyak1997 (talk) 13:54, 26 November 2018 (UTC)
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

Discussion: Citation bot removal of publisher and location in cite journal

I have begun an RFC at Help talk:CS1 regarding Citation bot's activity for cite journal publisher and location. Please provide input. --Izno (talk) 16:04, 27 November 2018 (UTC)

Announced that

The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.


There needs to be stricter, or more visible, policy on the use of the sentence "On (date), (source) announced that" to start every new piece of information. For example, in Chevrolet Volt, "announced" appears 24 times. I found WP:ANNOUNCED, which is an essay by User:HuffTheWeevil. It is basically what I had in mind, but just shows the limited efforts of one inactive user. There is also WP:PROSELINE, which is another essay with the same basic idea, but does not include "announced" specifically. I feel like there are some users who just believe this is the right way to add new information to Wikipedia articles, rather than just stating the info as fact with a reference. A user warning/note template might help. --Vossanova o< 20:38, 27 November 2018 (UTC)

"Wikipedia articles should have compelling, well-written prose" is sufficient. We don't need to have a separate policy page for every possible kind of shitty writing out there. If you come across shitty writing; make it less shitty. WP:SOFIXIT is all the policy you need. You don't need pre-approval. --Jayron32 20:44, 27 November 2018 (UTC)
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

Spamming complaint

Today I moseyed over to read an article as an IP visitor, without logging in. I got two - TWO! - annoying nag boxes begging for money. One was plonked right in the middle of the article I was reading! The other swam in from the side after a few seconds of reading.

I am soo disgusted - why don't you post the whole thing on Facebook so you can just spend your donations on unsolicited promotional ads, aka spam, in everybody's faces?

Look, this is serious. First of all, it messages the IP visitor that you want their money not their time, sending a red flag warning that if they open an account they will get even more begging spam. Maybe this is one reason that more editors walk than join, these days.

Also, if you keep on behaving like this then people will just lump you in with all the other fake news spammers and ad-choked shit peddlers out there, and get to loathe you on principle. That is not what Wikipedia is for.

Please wake up and smell the coffee before it is too late. (And for f***'s sake don't post a mealy-mouthed apologia here and expect it to do anything other than goad your victims to greater disgust). Signing off, thinly disguised as said IP visitor. 83.104.46.71 (talk) 09:37, 28 November 2018 (UTC)

  • Angry IP might have a point here. The initial nag screen that logged out editors see is 450px tall and the full width of the article, and on every subsequent page they see a similar big red notice measuring about 735x250px, until they dismiss it. In both cases article text is pushed down, not overlaid, but it's still quite obtrusive. Ivanvector (Talk/Edits) 17:12, 28 November 2018 (UTC)
Thinking further, there is a point to be made about our regular IP editors, the "anyones" who can and do edit Wikipedia to such positive effect. Why should they be penalised with relentless nagware just because they require to preserve their anonymity? No, all visitors - logged in or otherwise - should be treated with the same respect and consideration. This nonsense really does have to stop before I log back in and take it to Arbcom or wherever. Is there a better place than this to force the issue? 83.104.46.71 (talk) 20:31, 28 November 2018 (UTC)

Proposed amendment to WP:LISTPEOPLE regarding the inclusion of lists of non-notable victims in articles about tragic events

Propose to add the following text to WP:IINFO (or some close facsimile should we decide to tweak the wording at any point):

5. Lists of victims. In articles about tragic events, such as crimes or disasters, where people are killed or injured, bare lists of victims, which only compile names and basic information (age, birthplace, occupation, etc.) are to be deprecated. Victims of crimes and disasters and other tragic events may be named as a normal part of a quality prose narrative, but lists of victims' names with no context are not useful to most readers any more than lists of names are in other Wikipedia articles, and advice for creating lists of names of otherwise non-notable people is as applicable to victims' lists as anywhere else in Wikipedia. Victims' lists are not accorded any special exemptions from the normal practices of creating lists of otherwise non-notable people.

Such changes are intended to avoid having to re-litigate the constant debates that happen over and over on various article talk pages. The matter has been under discussion at WP:VPIL for some time now, and there seems to be a general consensus to bring forward, for public consideration, the above addition. There was some concern over where to put this guidance, but WP:IINFO seems to be the place where it is most applicable. For the sake of organization, let's do the three section voting: Support, Oppose, and Discussion, where we can discuss tweaking the wording, make comments on our own or others' votes, change the target guidance page, etc.

Support

  1. As nominator --Jayron32 19:40, 28 November 2018 (UTC)
  2. Absolutely - FlightTime Phone (open channel) 19:48, 28 November 2018 (UTC)


Oppose


Discussion