Page MenuHomePhabricator
Create Task
Maniphest T168779

Disable Two-factor authentication for user Arsog1985 (hywiki)
Closed, ResolvedPublic
Actions

Description

Please disable Two-factor authentication for user Arsog1985 because he has enabled it accidentally and now can't use his account. These users know Arsog1985 in real life and their signatures confirm that he has lost his account. Please compare the signatures with this list, you can easily see that they are the most active users of Armenian Wikipedia. Arsog1985 also can provide information about his Preferences and Watchlist.

Event Timeline

Ashot1997 created this task.Jun 24 2017, 11:56 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 24 2017, 11:56 PM
Ashot1997 added projects: Trust-and-Safety, Wikimedia-Site-requests.Jun 24 2017, 11:58 PM
MarcoAurelio added subscribers: jrbs, Jalexander.Jun 25 2017, 9:59 AM
MarcoAurelio moved this task from Backlog to Analysis / under discussion on the Wikimedia-Site-requests board.Jun 25 2017, 10:26 AM
jrbs claimed this task.Jun 26 2017, 8:49 PM
jrbs triaged this task as High priority.
jrbs moved this task from Backlog to Evaluate on the Trust-and-Safety board.

Will work with @Jalexander on this.

Restricted Application added a subscriber: Dereckson. · View Herald TranscriptJun 26 2017, 8:49 PM
Framawiki subscribed.Jul 4 2017, 8:53 PM
Dereckson added a comment.Jul 11 2017, 1:37 PM

@jrbs Could you give us an update? The delay to recover an account starts to override what's reasonable.

Dereckson added a comment.EditedJul 11 2017, 1:49 PM

So, here some technical data to help recovery process:

  • the user doesn't have any email linked to the account pre-SUL.
  • the user doesn't have any email linked to the account post-SUL
  • 2FA is indeed enabled

Some social data about the wiki:

  • no CU
  • no bureaucrat
  • 10 administrators, including Arsog1985 and 3 persons declaring we can trust the request
Dereckson added a comment.EditedJul 11 2017, 1:59 PM

@Ashot1997 Did Arsog1985 link to another source of authentication outside a Wikimedia wiki or an e-mail we can use to help to authenticate the request? For example, did it publish on the village pump or elsewhere a blog or a Twitter account?

Could you explain a little bit the process followed by the signees to check the identity?

Dereckson added a comment.Jul 11 2017, 2:43 PM

Meanwhile, I've noticed the logs exhibit the following pattern:

  • successful login operations until June 23
  • failed login operation June 24, coherent with the elements presented in the request, and an IP

I've asked to a steward a CU to compare this IP with past contributions, as hy.wikipedia doesn't have any local checkuser. The request is here, and "Positive, without any doubt.".

As such, there is enough evidence the request is legitimate to reset the 2FA.

jrbs closed this task as Resolved.Jul 11 2017, 4:01 PM
In T168779#3424946, @Dereckson wrote:

@jrbs Could you give us an update? The delay to recover an account starts to override what's reasonable.

@Ashot1997, please accept my apologies for the delay here. I discussed this this morning with James as a matter of urgency.

In T168779#3425204, @Dereckson wrote:

As such, there is enough evidence the request is legitimate to reset the 2FA.

We agree. I have now removed this from the account. @Ashot1997 - could you relay to Arsog1985 that he can now log in? Thank you, and once again I am sorry for the delay.

jrbs added a comment.Jul 11 2017, 4:02 PM

(I would also recommend that he attach an email to his account to make this process easier in the future should similar need to be done in future.)

Dereckson added a comment.Jul 11 2017, 4:12 PM
In T168779#3425557, @jrbs wrote:

...I have now removed this from the account. @Ashot1997...

Please join #wikimedia-operations and write something like:
!log Removed 2FA for Arsog1985 SUL account (T168779)

A bot will then publish the entry to https://wikitech.wikimedia.org/wiki/Server_Admin_Log, that helps for transparency and future reference.

Stashbot subscribed.Jul 11 2017, 4:16 PM

Mentioned in SAL (#wikimedia-operations) [2017-07-11T16:16:55Z] <tzatziki> Removed 2FA for Arsog1985 SUL account (T168779)

jrbs added a comment.Jul 11 2017, 4:17 PM
In T168779#3425596, @Dereckson wrote:
In T168779#3425557, @jrbs wrote:

...I have now removed this from the account. @Ashot1997...

Please join #wikimedia-operations and write something like:
!log Removed 2FA for Arsog1985 SUL account (T168779)

A bot will then publish the entry to https://wikitech.wikimedia.org/wiki/Server_Admin_Log, that helps for transparency and future reference.

Argh, sorry. Done!

Ashot1997 added a comment.Jul 11 2017, 6:16 PM

As we can see, Arsog1985 is active again. Thank you all very much.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL