
Make both LoginNotify email features default
Closed, Resolved | Public | 1 Estimated Story Points

Description

There have been several discussions about making "send email" on by default for both "Successful login from unfamiliar device" and "failed login attempts", and so far all we've heard is positive -- nobody seems worried about spamming people except maybe people on CommTech. :)

Let's make "send email" on by default on all wikis.

If anybody has a problem with that, now or in the future, we can talk about it.

orig ticket:

Hello. Could you, please, make "Login from an unfamiliar device" and "Failed login attempts" LoginNotify email features to be default for Hewiki users?
Here is the first consensus, as expected.
But surprisingly, there was the second one.
Thank you.

Event Timeline

TheresNoTime triaged this task as Medium priority.

@IKhitron is this request relating to making these echo email notifications the default for new users or setting it as the default for all users? As I understand it, the first just requires a config change, but the second may involve a database query

Hi, @Samtar, we're talking about all users, existing and upcoming as well. Why do you need to work for filtering nobody?

Change 374082 had a related patch set uploaded (by Samtar; owner: Samtar):
[operations/mediawiki-config@master] Make both LoginNotify email features default for Hewiki

https://gerrit.wikimedia.org/r/374082

These should be global preferences. It doesn't make much sense to receive an email when someone attempts to log in with my account at hewiki, but not when they do so at enwiki, when it's the same password. And if it was treated as a global preference (isn't the case right now), then the defaults shouldn't be determined per-wiki, so it may be preferable not to set up custom values for these preferences.

Sure it should. Until then, hopefully a couple of months, it's better than nothing, don't you think?
And of course I'll not tell this to the community, because vandals can read.
But I still don't understand why these two didn't become default for all users on all wikis in the first place.

@Platonides I agree, but the scope of this task (and the community consensus behind it) is only for hewiki. I'd recommend raising this on meta.

If and when it's decided to make this global, we can just remove this change (and perhaps put it into 'default' - that may apply it to each wiki?)

It's really odd to me that these are preferences at all. Why isn't it just enabled everywhere?

> It's really odd to me that these are preferences at all. Why isn't it just enabled everywhere?

We were concerned about spamming users with too many emails/notifications.

> > It's really odd to me that these are preferences at all. Why isn't it just enabled everywhere?
>
> We were concerned about spamming users with too many emails/notifications.

Please don't. This is exactly the place where overdose is better than underdose. If anybody is being spammed, they can ask to block the IP, or just opt out in preferences. At least the unfamiliar device success should be default for everyone. We have the same on Google, and we are not being spammed at all. Could you change your mind, please?

> > > It's really odd to me that these are preferences at all. Why isn't it just enabled everywhere?
> >
> > We were concerned about spamming users with too many emails/notifications.
>
> Please don't. This is exactly the place where overdose is better than underdose. If anybody is being spammed, they can ask to block the IP, or just opt out in preferences. At least the unfamiliar device success should be default for everyone. We have the same on Google, and we are not being spammed at all. Could you change your mind, please?

I'll let @DannyH (who's the product manager for this) answer to that.

I talked to @Johan about this -- we'd like to post a question on a couple more village pumps, to see if anybody has objections. We'll get some feedback this week from those wikis, and then I expect we'll be able to make a decision by next week about whether this change is made per wiki vs making it default on all wikis.

Does that sound good?

> Does that sound good?

It does, @DannyH, but there is a problem: if it's default on many wikis and not default on one, any abuser can log in on that one and use central identification to get in anywhere. So it's like we've done nothing. Maybe better to make it default for all users anywhere and recommend opting out using upcoming global preferences to anybody who does not want it.

I don't think this needs to be an all-or-nothing situation. Let's hear what a couple more wikis think about it.

> I don't think this needs to be an all-or-nothing situation. Let's hear what a couple more wikis think about it.

I didn't say let's not hear. I just think it's pointless to have this feature for any particular user, if there is at least one wiki site somewhere without it, and an abuser can log in to this user's account there. It's like he doesn't have it at all. Am I wrong, @DannyH?

I think that it's a matter of degree -- people turning on email notifications for successful logins will be notified on their wiki. There is a possibility that an abuser knows both my password *and* which wikis don't have email notifications for successful logins set as default. Most abusers won't. So no, I don't think it's pointless.

So I understand the point that you're making, but we don't need to argue about it today. :) It may turn out in a couple days that everyone wants it on by default everywhere, and we'll have wasted time going deep into an argument about harm reduction. Let's see what people say.

Very well, @DannyH, let's argue next week. :-) But I understand your point of view now, after this explanation. I just don't think that it will take more than a minute for anyone to find the list of wikis without default... So, let's wait.

> > We were concerned about spamming users with too many emails/notifications.
>
> If anybody is being spammed, they can ask to block the IP, or just opt out in preferences.

But would blocking the IP achieve anything? I think a blocked IP can still log in, thus they could use failed attempts simply as an annoying measure, using it just to spam the user.

Many people are unable to set up a simple email filter :( Hopefully, the preference to completely disable login attempt emails would work for them.

For the future, we may want to provide a way to specify «yes, there is an Antarctica dynamic IP address trying to log in as me daily. I have never been there and I am not interested in getting access from there. Please do not allow such attempts and hide these notifications.»

@DannyH which VPs have you posted to about this? (Or which ones will you be posting to?) Someone may want to monitor the discussions.

Since this is about hewiki I created a new task for the other communities. See T174568.

Thank you @Johan - I'm going to hang fire on this task if there's a chance a global preference is going to be enabled any time soon. Failing that, should we continue with enabling this on hewiki?

Of course. As I said, it's better than nothing. And if it will fail, I'll recommend hewiki users opt in globally, when it will be possible.

TheresNoTime changed the task status from Open to Stalled. Sep 1 2017, 9:38 AM

Pending discussion at T174568

In T174263#3572726, @Samtar wrote:

> Pending discussion at T174568

Hi, Samtar. Could you explain to me why, please? If the discussion supports it, this task will be done, as in the rest of the wikis. If it does not, it will be done only for this wiki. Why wait weeks or months?

Per @Platonides -1 at the patch. If they re-review and +1 I'll happily get this merged and deployed

In T174263#3572989, @Samtar wrote:

> Per @Platonides -1 at the patch. If they re-review and +1 I'll happily get this merged and deployed

Thank you.

What's ambiguous about:

> I don't think we should be setting per-wiki defaults for these preferences that should be global. See T174263#3557302

?

This is just a -1 level disagreement, not a strong one. I don't think we should be configuring this if we are going to change it shortly (as we do). On the other hand and answering comment T174263#3566232, if hewiki community has no problem accepting that this request may last just a few weeks, it's up to them.

For the record, I do support changing the default preferences to a more verbose setting. IMHO "Failed login attempts" should be on by default, and although "Login from an unfamiliar device" would be nice if perfect, I fear it may have a high number of false positives (as I explained on T174568#3571994) and thus be inappropriate to enable globally at the present time.

I am happy to see hewiki community volunteering as a guinea pig for testing that, though. ;)

PS: I am enabling these on a couple of wikis, in order to self-test it. I expect it will send me a warning every day or so.

> On the other hand and answering comment T174263#3566232, if hewiki community has no problem accepting that this request may last just a few weeks, it's up to them.

How many weeks is a few? 549 days for average high priority task, as in yesterday statistics?

> I am happy to see hewiki community volunteering as a guinea pig for testing that, though. ;)

@Amire80, you should answer on this.

[offtopic] @IKhitron: Please do not grossly misinterpret statistics for random purposes. "Yesterday statistics" says "How long tasks have been open, not how long they have had that priority".

> > I am happy to see hewiki community volunteering as a guinea pig for testing that, though. ;)
>
> @Amire80, you should answer on this.

I'm not sure why me, but of course I support it.

It should become default everywhere, and then the particular configuration must be removed.

Some clarifications:

  1. I'm happy to volunteer hewiki, because we've been good at being guinea pigs for years, and because other editors already agreed. Other than that, there's nothing special about Hebrew. It could actually be tested in any other randomly selected wiki in the top-50 by activity.
  2. I'm saying that it should be default everywhere because it makes general sense to me that a feature that is related to logging in to a global account should itself be global. But (and I cannot emphasize this strongly enough) I'm NOT a security expert. If actual security experts say something different, please listen to them and not to me.

> [offtopic] @IKhitron: Please do not grossly misinterpret statistics for random purposes. "Yesterday statistics" says "How long tasks have been open, not how long they have had that priority".

I think it's inappropriate to tell someone to "not… misinterpret" something. If they are indeed misinterpreting something, then simply correct them and leave it at that.

> [offtopic] @IKhitron: Please do not grossly misinterpret statistics for random purposes. "Yesterday statistics" says "How long tasks have been open, not how long they have had that priority".

That's why exactly I spoke about "High", which this task absolutely isn't. Pay attention we don't talk about phabricator delay, but village pump's one.

I'm trying to figure out the best thing to do here. This ticket (and T174568) has branched into lots of different side issues, and I think trying to push for this change to happen immediately for hewiki has actually slowed down the discussion. :)

The primary decision that we need to make is whether to turn email notifications for successful logins on by default, on all wikis.

As the product manager for this feature, I'm actually okay with making that decision here on this ticket, if there are people who want to discuss it here. I've heard from a few people so far who have made very good arguments for turning it on by default everywhere. Are there people on this thread who feel like it should not be turned on by default?

(And please stay on that topic and nothing else.)

Maybe you'll split your question, @DannyH? I think it must be default for successful login. I have no opinion about fail login. Thank you.

It's already split; I'm asking about successful logins. I know that you're strongly for it; I want to know if anyone else on this ticket is against it.

Sorry, missed that point. Thank you.

DannyH renamed this task from Make both LoginNotify email features default for Hewiki to Make both LoginNotify email features default. Sep 12 2017, 7:47 PM

Nobody's said no, so I'm gonna call that a yes. I changed the ticket to say: turn on email by default on all wikis.

@IKhitron: thanks for bringing this up, and thanks for your patience :)

kaldari set the point value for this task to 1. Sep 12 2017, 11:36 PM

Change 374082 abandoned by Samtar:
Make both LoginNotify email features default for Hewiki

Reason:
Per change of T174263

https://gerrit.wikimedia.org/r/374082

Change 378286 had a related patch set uploaded (by Niharika29; owner: Niharika Kohli):
[mediawiki/extensions/LoginNotify@master] Make LoginNotify email notifications on by default

https://gerrit.wikimedia.org/r/378286

Change 378286 merged by jenkins-bot:
[mediawiki/extensions/LoginNotify@master] Make LoginNotify email notifications on by default

https://gerrit.wikimedia.org/r/378286

Great, thank you. @Johan, what do you think? It should be published, or not?

I'm planning on adding it to the upcoming Tech News issue.

Niharika moved this task from In Development to Q1 2018-19 on the Community-Tech-Sprint board.

I believe this has rolled out.

I note that the documentation page: https://www.mediawiki.org/wiki/Help:Login_notifications#Successful_logins still notes that the feature for successful logins is off by default. I gather this is no longer correct?