
Notify privileged users that do not have an email configured
Open, Needs Triage, Public

Description

Summary

There are privileged user accounts who have not configured any email on their account. There is a risk with the new EmailAuth security measures that these important users may become locked out of their account, as they are unable to look up the email authentication code.

We need to send each of these users a message notification asking them to configure an email address on their account.

  1. Spec
    • Category: alert
    • Icon: linkSecure
    • Text: Add an email now
    • Secondary text: Add and confirm your email for security purposes
    • Primary action: Configure email preferences (link to Special:Preferences#mw-prefsection-personal-email)
    • Secondary action: Confirm email (link to Special:ConfirmEmail)

Technical notes

We can use the list of privileged users who do not have emails here: https://phabricator.wikimedia.org/P74605 (it would be worth someone double-checking that the data processing in there is correct; I put comments in the ticket to show how it was generated).
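To make that double-check reproducible, here is an added example (not the paste P74605 and not MediaWiki code) that runs the selection over a constructed in-memory copy of the relevant `user` / `user_groups` columns. The privileged-group set and the timestamps are assumptions; the query separates the two cases the spec's actions cover (no email at all versus an email that was never confirmed) and skips expired group memberships.

```python
import sqlite3

# Assumed privileged-group set (not from the task; adjust to the wiki's own list).
PRIVILEGED_GROUPS = ("bureaucrat", "checkuser", "interface-admin", "suppress", "sysop")
# Minimal subset of MediaWiki's user / user_groups columns.
SCHEMA = """
CREATE TABLE user (
    user_id INTEGER PRIMARY KEY,
    user_name TEXT NOT NULL,
    user_email TEXT NOT NULL DEFAULT '',
    user_email_authenticated TEXT       -- NULL until the address is confirmed
);
CREATE TABLE user_groups (
    ug_user INTEGER NOT NULL,
    ug_group TEXT NOT NULL,
    ug_expiry TEXT                      -- NULL means the membership never expires
);
"""
# Constructed sample data covering each case the notification has to handle.
SAMPLE_USERS = [
    (1, "Admin_NoEmail", "", None),                       # needs 'configure'
    (2, "Admin_Unconfirmed", "a@example.org", None),      # needs 'confirm'
    (3, "Admin_Confirmed", "b@example.org", "20240101000000"),
    (4, "Plain_NoEmail", "", None),                       # not privileged
    (5, "Expired_Admin", "", None),                       # membership expired
]
SAMPLE_GROUPS = [(1, "sysop", None), (2, "checkuser", None),
                 (3, "bureaucrat", None), (5, "sysop", "20000101000000")]

def build_sample_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO user VALUES (?,?,?,?)", SAMPLE_USERS)
    conn.executemany("INSERT INTO user_groups VALUES (?,?,?)", SAMPLE_GROUPS)
    return conn

def users_needing_notification(conn, now="20250101000000"):
    """Return (user_name, action) for currently privileged users whose email is
    missing ('configure') or set but never confirmed ('confirm')."""
    marks = ",".join("?" * len(PRIVILEGED_GROUPS))
    sql = f"""
    SELECT DISTINCT u.user_name,
           CASE WHEN u.user_email = '' THEN 'configure' ELSE 'confirm' END AS action
    FROM user u JOIN user_groups g ON g.ug_user = u.user_id
    WHERE g.ug_group IN ({marks})
      AND (g.ug_expiry IS NULL OR g.ug_expiry > ?)
      AND (u.user_email = '' OR u.user_email_authenticated IS NULL)
    ORDER BY u.user_name"""
    return conn.execute(sql, (*PRIVILEGED_GROUPS, now)).fetchall()
```

Against a real replica the same query runs unchanged apart from the group list; `ug_expiry` comparison keeps users whose rights have lapsed out of the notification batch.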

Event Timeline

acooper updated the task description.

Is the task about sending a one-time notification to the privileged users who don't have an email address right now, or about setting up a system where, whenever a privileged user doesn't have an email address (either because such a user becomes privileged, or because a privileged user removes their email address), they get notified?

The latter is similar to T58028: Show Echo web notification (asking users to consider providing an email) to users who don't have an e-mail address associated with their account.

Not sure if EmailAuth is the right place to do this. (It's an option; could also use Echo or core or GrowthExperiments (T215626: [EPIC] Growth: Emailability) or a new extension.)

A_smart_kitten subscribed.
From the task description:

There are privileged user accounts who have not configured any email on their account. There is a risk with the new EmailAuth security measures that these important users may become locked out of their account, as they are unable to look up the email authentication code.

As currently written, this doesn't seem to be a risk, unless I'm misunderstanding something? If a privileged user account doesn't have an email address linked to that account, then IIUC EmailAuth won't trigger at all.

It might be good for privileged users to set an email address for their account, so that e.g. EmailAuth verification could be used in the event of a suspicious-seeming login; but that's different to what's currently written (and seems like it'd be an account security enhancement that's possible as a result of the EmailAuth deployment, rather than mitigation for a new risk introduced by the EmailAuth deployment).