Page MenuHomePhabricator
Create Task
Maniphest T315488

Show failed login attempts in the results list for the user
Open, HighPublicFeature
Actions

Description

I received a warning about several failed attempts to log into the account. Standard CheckUser did not provide information about this. When checking a suspicious IP address, the information came up for me. This means that the information about attempts is saved. For the benefit of hacking attempts on sensitive accounts, it is useful to program the interface to save the logs of the login attempts also when retrieving data on the target account and not only when retrieving data on the IP address. Thanks,

Related Objects
Search...

StatusSubtypeAssignedTask
 OpenNoneT340995 Display client hint data in Special:Investigate
 OpenFeatureNoneT315488 Show failed login attempts in the results list for the user
 OpenDreamy_JazzT145265 Store check user data action text in structured format
 DuplicateNoneT154796 Flow links formatting fail on Special:CheckUser
 OpenFeatureDreamy_JazzT324907 Create separate tables for log events in CheckUser
 ResolvedLadsgroupT326105 Create cu_log_event and cu_private_event on WMF wikis
 ResolvedMilimetricT327447 FYI: Other changes to the CheckUser tables
 OpenNoneT341829 Enable read new for the event table migration
 ResolvedDreamy_JazzT330158 Enable write new for the event table migration
 ResolvedDreamy_JazzT328874 Create temporary column in cu_changes to assist in migration to the new tables
 Resolved MarosteguiT329203 Add new column cuc_only_for_read_old to cu_changes for migration purposes to wmf wikis
 ResolvedPRODUCTION ERRORDreamy_JazzT342902 Wikimedia\Rdbms\DBQueryError: Error 1054: Unknown column 'cuc_only_for_read_old' in 'field list'Function: MediaWiki\CheckUser\Hooks::onAuthManagerLoginAuthenticateAuditQuery: INSERT INTO `cu_changes` (cuc_page_id,cuc_namespac
 Resolved MarosteguiT343174 Add missing column cuc_only_for_read_old to testcommonswiki
 OpenDreamy_JazzT328992 Add read new support to Special:CheckUser for event table migration
 OpenDreamy_JazzT328995 Enable read new support in Special:CheckUser's 'Get edits' mode
 OpenBUG REPORTDreamy_JazzT347773 Log action text shown when reading new does not respect the deleted status of the log
 ResolvedDreamy_JazzT328997 Enable read new support in Special:CheckUser's 'Get users' mode
 OpenDreamy_JazzT328998 Enable read new support in Special:CheckUser's 'Get IP Addresses' mode
 OpenNoneT329189 Add read new support to Special:Investigate for event table migration
 OpenDreamy_JazzT329200 Enable read new support in Special:Investigate's 'Timeline' tab
 OpenDreamy_JazzT329201 Enable read new support in Special:Investigate's 'IPs & User agents' tab
 ResolvedDreamy_JazzT328988 Create a SelectQueryBuilder that allows selecting from all three tables
 OpenDreamy_JazzT347102 Alias column names in Special:Investigate to not include the "cuc_" prefix
 OpenNoneT341827 Add read new support to the CheckUser API
 ResolvedDreamy_JazzT342629 Investigate CheckUser currently saving failed login attempted to usernames which fail RIGOR_VALID
 OpenDreamy_JazzT341688 Create LogFormatter for cu_private_event log events
 OpenBUG REPORTDreamy_JazzT347400 Read new cannot parse the log_params of global block log entries
 OpenDreamy_JazzT341830 Create maintenance script to delete entries only for read old
 ResolvedDreamy_JazzT341586 Allow write old and new for event table migration
 ResolvedDreamy_JazzT341934 Failing tests for CheckUser when event table migration config set to WRITE_BOTH and READ_NEW
 ResolvedDreamy_JazzT342371 Create a maintenance script used only for testing to insert a large volume of testing actions to CheckUser
 OpenPRODUCTION ERRORpmiazgaT343983 Error: Call to a member function getTimestamp() on null
 OpenNoneT346022 How does wgCheckUserLogAdditionalRights affect read new for event table migration
 OpenDreamy_JazzT346044 Remove CheckUserUnionQueryBuilder

Event Timeline

dagesh.chazak created this task.Aug 17 2022, 8:47 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 17 2022, 8:47 PM
Reedy added projects: CheckUser, MediaWiki-extensions-LoginNotify.Aug 17 2022, 8:51 PM
Restricted Application added a project: Community-Tech. · View Herald TranscriptAug 17 2022, 8:51 PM
MusikAnimal removed projects: Community-Tech, MediaWiki-extensions-LoginNotify.Aug 18 2022, 6:58 PM
MusikAnimal added a subscriber: MusikAnimal.

As I read it this is a feature request for CheckUser and does not concern LoginNotify. Please re-add the tag if I'm wrong!

MusikAnimal removed a subscriber: MusikAnimal.Aug 18 2022, 6:58 PM
Dreamy_Jazz added a subscriber: Dreamy_Jazz.Aug 18 2022, 8:23 PM

Yup. This would be a patch to CheckUser. This may be best done after the action is stored in a structured way as I suspect it may be best to allow the user to say if they want to see failed login attempts when checking an account.

Dreamy_Jazz renamed this task from Information about account login attempts in the target account as well to Show failed login attempts in the results list for the user.Aug 18 2022, 8:24 PM
Aklapper changed the subtype of this task from "Task" to "Feature Request".Aug 18 2022, 9:13 PM

@dagesh.chazak: Thanks for reporting this. For future reference, please use the feature request form (linked from the top of the task creation page) to create feature requests, and fill in the sections in the template. Thanks!

Dreamy_Jazz moved this task from General / Unsorted to Under discussion / Needs discussion on the CheckUser board.Aug 21 2022, 2:06 PM
TheresNoTime added a subscriber: TheresNoTime.Sep 14 2022, 3:20 PM
TheresNoTime added a subtask: T264483: LoginNotify doesn't log full IP.Sep 14 2022, 3:24 PM
TheresNoTime removed a subtask: T264483: LoginNotify doesn't log full IP.
GeneralNotability added a subscriber: GeneralNotability.Sep 14 2022, 3:39 PM
Dreamy_Jazz moved this task from Under discussion / Needs discussion to General / Unsorted on the CheckUser board.Sep 19 2022, 11:01 AM
Dreamy_Jazz added a comment.EditedSep 19 2022, 11:33 AM

The methods to achieve this are:

  • Implement the structured data change (T145265) in such a way that allows a SQL query to perform a search for just password resets on a particular account, so that the query can include these password resets.
  • Add a new column to the DB that allows CheckUser to store what other results the row should appear in. This would likely involve this storing the user ID(s) of users that the row should appear in.

All solutions to this problem will require a change to the DB. The latter will be simpler but would require adding a new column which again will take time.

Dreamy_Jazz added a subtask: T145265: Store check user data action text in structured format.Sep 19 2022, 11:33 AM
Dreamy_Jazz added a project: Schema-change.Sep 19 2022, 11:43 AM
Dreamy_Jazz moved this task from Unsorted to Add / Create on the Schema-change board.
AntiCompositeNumber added a subscriber: AntiCompositeNumber.Nov 13 2022, 10:30 PM
Dreamy_Jazz triaged this task as High priority.Nov 14 2022, 10:09 AM

Due to a recent socking case discussed on the checkuser-l list the need for this has been shown as evident.

Dreamy_Jazz added a comment.Nov 14 2022, 11:07 AM

Because I've been asked to keep DB changes to a slow pace, this is likely not going to be implementable for a while. Ideally the structured data change for log events would be used to achieve this. Having an extra column to indicate which user IDs the results need to be in would then be made largely redundant once the parameters of the log event can be accessed like in the logging table.

Dreamy_Jazz mentioned this in T324907: Create separate tables for log events in CheckUser.Dec 10 2022, 9:27 PM
Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL