Wikipedia:Bureaucrats' noticeboard: Difference between revisions
Jehochman2 (talk | contribs) →2FA Borked: thanks |
Jehochman2 (talk | contribs) →2FA Borked: T186115 |
||
| Line 43: | Line 43: | ||
* Can we let this sit for a while and see if a developer is willing to help? Additionally, I may ask a few known people to verify that this is me. [[User:Jehochman2|Jehochman2]] ([[User talk:Jehochman2|talk]]) 16:04, 31 January 2018 (UTC) |
* Can we let this sit for a while and see if a developer is willing to help? Additionally, I may ask a few known people to verify that this is me. [[User:Jehochman2|Jehochman2]] ([[User talk:Jehochman2|talk]]) 16:04, 31 January 2018 (UTC) |
||
*: {{ping|Jehochman2}} to find out - did you open a phab ticket? What is the ticket #? — [[User:Xaosflux|<span style="color:#FF9933; font-weight:bold; font-family:monotype;">xaosflux</span>]] <sup>[[User talk:Xaosflux|<span style="color:#009933;">Talk</span>]]</sup> 16:15, 31 January 2018 (UTC) |
*: {{ping|Jehochman2}} to find out - did you open a phab ticket? What is the ticket #? — [[User:Xaosflux|<span style="color:#FF9933; font-weight:bold; font-family:monotype;">xaosflux</span>]] <sup>[[User talk:Xaosflux|<span style="color:#009933;">Talk</span>]]</sup> 16:15, 31 January 2018 (UTC) |
||
*:: [[phab:T186115]] [[User:Jehochman2|Jehochman2]] ([[User talk:Jehochman2|talk]]) 16:41, 31 January 2018 (UTC) |
|||
*{{ec}} I've received an e-mail from the real Jehochman, and can confirm that that's him. [[User:Bishonen|Bishonen]] | [[User talk:Bishonen|talk]] 16:06, 31 January 2018 (UTC). |
*{{ec}} I've received an e-mail from the real Jehochman, and can confirm that that's him. [[User:Bishonen|Bishonen]] | [[User talk:Bishonen|talk]] 16:06, 31 January 2018 (UTC). |
||
Revision as of 16:41, 31 January 2018
|
|
|
|
1, 2, 3, 4, 5, 6, 7, 8, 9, 10 |
|
This page has archives. Sections older than 5 days may be automatically archived by Lowercase sigmabot III. |
For sensitive matters, you may contact an individual bureaucrat directly by e-mail.
The Bureaucrats' noticeboard is a place where items related to the Bureaucrats can be discussed and coordinated. Any user is welcome to leave a message or join the discussion here. Please start a new section for each topic.
This is not a forum for grievances. It is a specific noticeboard addressing Bureaucrat-related issues. If you want to know more about an action by a particular bureaucrat, you should first raise the matter with them on their talk page. Please stay on topic, remain civil, and remember to assume good faith. Take extraneous comments or threads to relevant talk pages.
If you are here to report that an RFA or an RFB is "overdue" or "expired", please wait at least 12 hours from the scheduled end time before making a post here about it. There are a fair number of active bureaucrats; and an eye is being kept on the time remaining on these discussions. Thank you for your patience.
To request that your administrator status be removed, initiate a new section below.
| RfA candidate | S | O | N | S % | Status | Ending (UTC) | Time left | Dups? | Report |
|---|---|---|---|---|---|---|---|---|---|
| Worm That Turned | 259 | 4 | 7 | 98 | Open | 09:47, 18 November 2024 | 2 days, 5 hours | no | report |
 | It is 03:51:56 on November 16, 2024, according to the server's time and date. |
2FA Borked
Hello. Sorry to make work for you. I recently replaced my mobile device that had my 2FA Authenticator app. Regrettably, I can’t find the scratch tokens so I can’t login anymore. I’m still logged in here on this device which is how I’m able to post.
Anyhow, I’m going to abandon this account and switch all activity to jehochman2 (talk · contribs · deleted contribs · logs · filter log · block user · block log). Please be so kind as to move my ops to that account. Please name my original account something else and rename jehochman2 to be Jehochman. If that’s not doable, do whatever you think is right. Feel free to email to confirm that this is me and not some very clever imposter.
As a warning to all those watching, 2FA on Wikipedia isn’t fully baked. The emergency codes should be automatically emailed to the user. I haven’t had these troubles with any of the other web services where I use 2FA. Jehochman Talk 14:24, 31 January 2018 (UTC)
- I haven’t had these troubles with any of the other web services where I use 2FA.
- That's because most websites require you to verify your phonenumber and allow you to use this as a secondary route for recovery. As we don't want to store people's phone numbers (for privacy reasons, and I think the community would freak out), we don't have this additional backup methodology (and it does weaken the 2FA security to have them actually).
- The emergency codes should be automatically emailed to the user
- there is NO website that supports 2FA that will ever email you emergency codes. That would defeat the whole process. Almost every website will tell you to print them and store them securely (as do we)
- I recently replaced my mobile device that had my 2FA Authenticator app
- The simplest method is to deal with this is to disable 2FA with your old phone and then re-enroll on the new phone.
- Feel free to email to confirm that this is me and not some very clever imposter.
- Ehm... if you think that emailing is a method of confirming identity, then you might very well be an imposter. Rights should never be transferred based on such a simple check
- Anyhow, I’m going to abandon this account and switch all activity
- Recovery of the old account is possible, IF you can somehow prove your identity. For this create a ticket similar to: phab:T180654 and describe the evidence that you can provide to a functionary (don't throw it into the actual ticket right away, the sysop will set up a private conversation for that). Evidence that might be usable, is proving your access to the email address that you used for the original account, committed identity, GPG keys, in person contact with well respected members of the community, et etc... —TheDJ (talk • contribs) 15:01, 31 January 2018 (UTC)
- Thanks, but I didn't post here to be schooled. Why don't you listen and we'll see if somebody can help me. Jehochman2 (talk) 15:29, 31 January 2018 (UTC)
- (edit conflict)You can get 2FA reset. You aren't the first admin to have this issue, which Crats can't fix, but I'm betting someone smarter than I will come along and tell you the link to request that auth be removed from your primary account. Last time I saw it, it was fairly painless. It seems that many (myself included) preferred that as it maintained the histories of the admin. Dennis Brown - 2¢ 15:02, 31 January 2018 (UTC)
- Thank you. The help page seemed to indicate that this wasn't a good option, but I have posted to Phabricator. If it works I will update the help page so that others can benefit. Jehochman2 (talk) 15:39, 31 January 2018 (UTC)
- @Jehochman2: it really isn't a "good" option - but for well established users they are making some exceptions in entertaining petitions - the requirements for what a petition must include are not even well defined yet. — xaosflux Talk 15:47, 31 January 2018 (UTC)
- (edit conflict) @Jehochman: / @Jehochman2: , assuming you can convince a developer - a much better fix for your immediate need would be to petition to have 2FA removed from your account. An example phab ticket is
phab:T185731phab:T180654 (is better). Scratch codes are supposed to be very secret, so adding them to email is generally a bad idea. 2FA does need more improvements, which is why it is not available for everyone right now. Once you petition a developer, they may contact you to further authenticate you. — xaosflux Talk 15:03, 31 January 2018 (UTC)
- Jehochman, you've emailed me before, so I know your email account. If you email me from that same email address, I can verify you. That is one of the things they probably will ask you to do. Dennis Brown - 2¢ 15:13, 31 January 2018 (UTC)
- A QCU request (Wikipedia:Sockpuppet_investigations#Request_from_WP:BN) has been opened as well. — xaosflux Talk 15:16, 31 January 2018 (UTC)
- QCU withdrawn due to Jehochman's comments that he is on a different system, see withdraw note at QCU requests. — xaosflux Talk 15:44, 31 January 2018 (UTC)
- I reopened it, suggesting a check of Jehochman = Jehochman2. That should match and go part of the way to verifying that it's me. Jehochman2 (talk) 15:50, 31 January 2018 (UTC)
- I've completed the check and posted the results.--Bbb23 (talk) 16:14, 31 January 2018 (UTC)
- I double-checked and have also commented there. —DoRD (talk) 16:29, 31 January 2018 (UTC)
- I reopened it, suggesting a check of Jehochman = Jehochman2. That should match and go part of the way to verifying that it's me. Jehochman2 (talk) 15:50, 31 January 2018 (UTC)
- QCU withdrawn due to Jehochman's comments that he is on a different system, see withdraw note at QCU requests. — xaosflux Talk 15:44, 31 January 2018 (UTC)
- A QCU request (Wikipedia:Sockpuppet_investigations#Request_from_WP:BN) has been opened as well. — xaosflux Talk 15:16, 31 January 2018 (UTC)
- Can we let this sit for a while and see if a developer is willing to help? Additionally, I may ask a few known people to verify that this is me. Jehochman2 (talk) 16:04, 31 January 2018 (UTC)
- @Jehochman2: to find out - did you open a phab ticket? What is the ticket #? — xaosflux Talk 16:15, 31 January 2018 (UTC)
- (edit conflict) I've received an e-mail from the real Jehochman, and can confirm that that's him. Bishonen | talk 16:06, 31 January 2018 (UTC).
- Jehochman2, I got a new phone in December and also forgot to disable 2fa before wiping the old one, so I understand your plight well. After a brief moment of terror, I remembered that I still had my scratch codes. —DoRD (talk) 16:29, 31 January 2018 (UTC)
- I have sent an email to an address previously known by me to belong to Jehochman and they have replied, so I'm convinced his account has not been compromised. Dennis Brown - 2¢ 16:36, 31 January 2018 (UTC)
- Thank goodness! And thank you! Jehochman2 (talk) 16:39, 31 January 2018 (UTC)