This page has archives. Sections older than 5 days may be automatically archived by Lowercase sigmabot III.
To contact bureaucrats to alert them of an urgent issue, please post below. For sensitive matters, you may contact an individual bureaucrat directly by e-mail.
You may use this tool to locate recently active bureaucrats.
The Bureaucrats' noticeboard is a place where items related to the Bureaucrats can be discussed and coordinated. Any user is welcome to leave a message or join the discussion here. Please start a new section for each topic.
This is not a forum for grievances. It is a specific noticeboard addressing Bureaucrat-related issues. If you want to know more about an action by a particular bureaucrat, you should first raise the matter with them on their talk page. Please stay on topic, remain civil, and remember to assume good faith. Take extraneous comments or threads to relevant talk pages.
If you are here to report that an RFA or an RFB is "overdue" or "expired", please wait at least 12 hours from the scheduled end time before making a post here about it. There are a fair number of active bureaucrats; and an eye is being kept on the time remaining on these discussions. Thank you for your patience.
It is 15:43:37onJuly 9, 2024, according to the server's time and date.
Resysop request (JzG)
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Hello, all! At some point I apparently added two-factor authentication to my main account, though I don't honestly recall doing it. As such, I don't have a means to obtain authentication codes and no longer have access to my admin account. I'm not sure what the procedure is in this situation, but I don't expect I'll ever be able to access the account again, so it might be best to remove the admin bit. Otherwise, I suppose it'll be removed eventually due to inactivity. I have email enabled on both accounts if some verification is needed. Best, --auburnpilot'ssock19:31, 11 November 2017 (UTC)[reply]
Thanks for the quick response! It's definitely a 2FA issue as I'm getting asked for a verification code when logging into the site. Unfortunately, the device I would have used at the time was issued by the company I previously worked for and is no longer in my possession (wiped clean and returned upon leaving the company about 5 months ago).
As for proving the connection between accounts, I'm sure there are several people I've been in contact with off project who could confirm and I have no issue with a CU comparing IPs. I also provided a committed identity at some point in the past. It should be in the deleted history of the userpage for my main account (now to remember the string! haha). Thanks! --auburnpilot'ssock03:03, 12 November 2017 (UTC)[reply]
OK, so that clears #1, and #2. Assuming you want to be an admin again, #3 will be needed, do you want to go for the move to a new accountorbeg a dev route? Your deleted CI begins with "c0e6" and was from 2007 - this would be useful for either. — xaosfluxTalk03:24, 12 November 2017 (UTC)[reply]
Thanks again, all! By random chance, my admin account was still logged in on the PC in my home office, but I'm still unable to disable the two factor authentication since I can't generate a code. Once this login token expires, I'll be right back in the same spot. It seems like the easiest option would be to simply move the admin access to a different account. Xaosflux: do you think it would be too confusing to flip the bit on the sock account (User:AuburnPiIot) I was using above? Thanks, --auburnpilottalk23:14, 14 November 2017 (UTC)[reply]
No issues with this at all I think we can file this under purely routine housekeeping. With 2FA this sort of thing is going to happen from time to time. Because my 2FA is limited to a single device I am always worrying that if something were to happen to it I might get locked out. To that end I have the emergency log in codes in a separate place and I created another account w/o administrator rights so I could log in in case I did not have immediate access to my computer. -Ad Orientem (talk) 02:10, 15 November 2017 (UTC)[reply]
@Ad Orientem: if you saved your initial two-factor secret key (or re-register and get a new one) you can activate your 2FA on multiple devices. Storing those scratch codes securely is wise! — xaosfluxTalk04:33, 15 November 2017 (UTC)[reply]
While asking a dev to disable 2FA is an option, I actually think the preferable option is a transfer of rights. I get the scrutiny part, but we should not make it a practice to recommend dev's undoing 2FA, even when CU confirms that the accounts are the same. It is meant to be difficult to break for security reasons, and setting as a principle that we do not disable it except under very rare circumstances beyond the person's control would be a good thing. Since this is also the preference of AuburnPilot, we should just transfer the access between accounts. TonyBallioni (talk) 15:43, 15 November 2017 (UTC)[reply]
No concerns - any account which can prove themselves to be the same person may ask to have the rights transfered to it. We approve the person at RFA, not the account. עוד מישהוOd Mishehu08:19, 15 November 2017 (UTC)[reply]
No worries about this, but we do need a better way of dealing with lost 2fa and transferring 2fa to a new device. It's there anything in phab already related to this? GoldenRing (talk) 08:32, 15 November 2017 (UTC)[reply]
Transferring 2FA to another device is not hard. I've done it multiple times with my device. It's just that people don't always remember to do so. This is WHY the instructions tell you to print and safeguard the scratch codes, which provides further evidence that people don't read instructions. :) phab:T100375 and related tickets capture some of the problems with regard to problems and the recovery processes. There are also several community wishlist proposals on the topic of 2FA, which I encourage you to vote for when the voting process begins. —TheDJ (talk • contribs) 12:37, 15 November 2017 (UTC)[reply]
@TheDJ: I recently went through four phones in about a month (due to a series of ridiculous incidents involving badminton, OTA updates and alcohol). Each time, I had to disable 2FA and re-enable it to transfer from one phone to another. Unless I missed something in the process, disabling and re-enabling 2FA makes all your existing scratch codes useless and it generates you a new set. So every time you want to move to a new device, you have to redo your scratch code storage.
Other providers who use 2FA have a way of transferring code generation from one device to another, so long as you both know the password and have either a scratch code or a working code generator. GoldenRing (talk) 13:54, 16 November 2017 (UTC)[reply]
No concerns, although getting dev to disable the 2FA does seem like a better option because of the history. Being an admin, this is likely more important than not, for the ease of researching past actions, etc. I would strongly prefer the dev route if possible. Dennis Brown - 2¢15:32, 15 November 2017 (UTC)[reply]
Ha, AuburnPilot is still around! NO BLOCK AND DESYSOP JUST TO PISS HIM OFF AND RESTORE AFTER IRON BOWL! Bwahaha. Also, this has me worried a little bit--if I have a similar screw-up I'm not sure what I would do. Drmies (talk) 15:41, 15 November 2017 (UTC)[reply]
@Drmies: it worries me also. Make sure you have copies of your scratch codes, and I'd say if you need to use one, you should then turn of 2FA and do it again, getting new scratch codes. That may be being over cautious, but no one wishes to lose their account. Doug Wellertalk17:26, 15 November 2017 (UTC)[reply]
Doug, I don't even remember what "scratch codes" were, precisely. I think I may have something saved on my computer at home, maybe. Drmies (talk) 17:33, 15 November 2017 (UTC)[reply]
Confession: I may hold a degree from the greatest university in the state of Alabama, but I will forever be a Bama fan thanks to being raised by parents and siblings who graduated from UA. I was definitely the guy going to class on Auburn's campus wearing a hat signed by Gene Stallings. --auburnpilot'ssock21:29, 15 November 2017 (UTC)[reply]
Concern as a matter of procedure. I would prefer that AuburnPilot recovers their original account through Phabricator. The Wikimedia Foundation has technical staff with a lot more tools at their disposal than what CheckUsers have to determine if the original owner is in control of the account. Why not leave this to the experts? Now, I am sure that AuburnPilot and AuburnPiIot are the same person. I just don't think that a vote of random community members is how this sort of case should be handled. -- Ajraddatz (talk) 20:58, 15 November 2017 (UTC)[reply]
Thanks to everyone who has taken the time to comment! I haven't been too active recently but it's good to be back around the site. Reading all the comments above, I see some concerns regarding admin access being moved from one account to another. My preference is simply for whatever is easier for those required to do the work cleaning up my mistake in not maintaining the authentication access for the account. From my chair, it seems easier to move the access but I'm not familiar with Phabricator and haven't the slightest clue if the devs would be willing to remove 2FA. Regardless, I'm open to whatever option requires the least inconvenience on others! Best, --auburnpilot'ssock21:20, 15 November 2017 (UTC)[reply]
I think it's just me concerned with moving the access. Moving access is certainly the easier option, and there is clear consensus here for that to happen. But I still feel that account security issues should be handled by the people who are paid to handle account security issues, rather than decided by a vote of 15 people with limited access to the information required to make an informed comment on the situation. -- Ajraddatz (talk) 21:49, 15 November 2017 (UTC)[reply]
Done@AuburnPilot: as there has been plenty of time and you have successfully recovered your account I've restored your prior +sysop bit, the move is no longer needed. @Ajraddatz: and @Cyp: your process points are important, but I think they are bigger than enwiki. Other then phab:T85706 a meta: discussion may be the place to drive this forward, as it is a global issue. — xaosfluxTalk03:06, 16 November 2017 (UTC)[reply]
FYI
I dropped the sysop bit for a while and this automatically removed 2FA (which is not enabled for ordinary users). So all that's actually needed if this happens again I think is to desysop, gain access to the account and request resysop, then set up a new 2FA. That's what happened for me, anyway. The original 2FA token was no longer usable. Guy (Help!) 13:00, 17 November 2017 (UTC)[reply]
@JzG: removing a group from a single project should not deactivate your global 2FA setting. Are you sure this is what happened? When was it? I can go test on test2 later to see if it is a bug. — xaosfluxTalk13:44, 17 November 2017 (UTC)[reply]
Just FYI - I just went through the entire process with my alt account User:Xaosflux_ep via test2wiki: Made it an admin; had it enroll in 2FA; removed admin access :: 2FA did not get removed based on this change. The account was still able to unenroll using the normal process. 2FA is 'enabled' for all users, but 2FA 'enrollment' is not available for all users. @JzG: the symptom you reported is unexpected. — xaosfluxTalk16:10, 17 November 2017 (UTC)[reply]
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Request for removal of my admin rights
I'm sad to have to ask this but I'm not realistically going to have enough free time in at least the next couple years to be really active here and I don't want to potentially create a problem for the site. I just saw the bot's notification that I haven't been active in a year and I think that's as good a sign as any that I should give them up. I realize I can probably do so myself, but honestly I can't remember how. . :-) I've already updated my user page accordingly. Thanks for your help! Thingg⊕⊗13:01, 17 November 2017 (UTC)[reply]