Page MenuHomePhabricator

Disable Two-factor authentication for user Arsog1985 (hywiki)
Closed, ResolvedPublic

Description

Please disable Two-factor authentication for user Arsog1985 because he has enabled it accidentally and now can't use his account. These users know Arsog1985 in real life and their signatures confirm that he has lost his account. Please compare the signatures with this list, you can easily see that they are the most active users of Armenian Wikipedia. Arsog1985 also can provide information about his Preferences and Watchlist.

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 24 2017, 11:56 PM
jrbs claimed this task.Jun 26 2017, 8:49 PM
jrbs triaged this task as High priority.
jrbs moved this task from Backlog to Evaluate on the Trust-and-Safety board.

Will work with @Jalexander on this.

Restricted Application added a subscriber: Dereckson. · View Herald TranscriptJun 26 2017, 8:49 PM

@jrbs Could you give us an update? The delay to recover an account starts to override what's reasonable.

Dereckson added a comment.EditedJul 11 2017, 1:49 PM

So, here some technical data to help recovery process:

  • the user doesn't have any email linked to the account pre-SUL.
  • the user doesn't have any email linked to the account post-SUL
  • 2FA is indeed enabled

Some social data about the wiki:

  • no CU
  • no bureaucrat
  • 10 administrators, including Arsog1985 and 3 persons declaring we can trust the request
Dereckson added a comment.EditedJul 11 2017, 1:59 PM

@Ashot1997 Did Arsog1985 link to another source of authentication outside a Wikimedia wiki or an e-mail we can use to help to authenticate the request? For example, did it publish on the village pump or elsewhere a blog or a Twitter account?

Could you explain a little bit the process followed by the signees to check the identity?

Meanwhile, I've noticed the logs exhibit the following pattern:

  • successful login operations until June 23
  • failed login operation June 24, coherent with the elements presented in the request, and an IP

I've asked to a steward a CU to compare this IP with past contributions, as hy.wikipedia doesn't have any local checkuser. The request is here, and "Positive, without any doubt.".

As such, there is enough evidence the request is legitimate to reset the 2FA.

jrbs closed this task as Resolved.Jul 11 2017, 4:01 PM

@jrbs Could you give us an update? The delay to recover an account starts to override what's reasonable.

@Ashot1997, please accept my apologies for the delay here. I discussed this this morning with James as a matter of urgency.

As such, there is enough evidence the request is legitimate to reset the 2FA.

We agree. I have now removed this from the account. @Ashot1997 - could you relay to Arsog1985 that he can now log in? Thank you, and once again I am sorry for the delay.

jrbs added a comment.Jul 11 2017, 4:02 PM

(I would also recommend that he attach an email to his account to make this process easier in the future should similar need to be done in future.)

...I have now removed this from the account. @Ashot1997...

Please join #wikimedia-operations and write something like:
!log Removed 2FA for Arsog1985 SUL account (T168779)

A bot will then publish the entry to https://wikitech.wikimedia.org/wiki/Server_Admin_Log, that helps for transparency and future reference.

Mentioned in SAL (#wikimedia-operations) [2017-07-11T16:16:55Z] <tzatziki> Removed 2FA for Arsog1985 SUL account (T168779)

jrbs added a comment.Jul 11 2017, 4:17 PM

...I have now removed this from the account. @Ashot1997...

Please join #wikimedia-operations and write something like:
!log Removed 2FA for Arsog1985 SUL account (T168779)
A bot will then publish the entry to https://wikitech.wikimedia.org/wiki/Server_Admin_Log, that helps for transparency and future reference.

Argh, sorry. Done!

As we can see, Arsog1985 is active again. Thank you all very much.