This is an archive of past discussions with User:Ryan Norton. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page.
Hello, Ryan Norton. Voting in the 2018 Arbitration Committee elections is now open until 23.59 on Sunday, 3 December. All users who registered an account before Sunday, 28 October 2018, made at least 150 mainspace edits before Thursday, 1 November 2018 and are not currently blocked are eligible to vote. Users with alternate accounts may only vote once.
The Arbitration Committee is the panel of editors responsible for conducting the Wikipedia arbitration process. It has the authority to impose binding solutions to disputes between editors, primarily for serious conduct disputes the community has been unable to resolve. This includes the authority to impose site bans, topic bans, editing restrictions, and other measures needed to maintain our editing environment. The arbitration policy describes the Committee's roles and responsibilities in greater detail.
A request for comment is in progress to determine whether members of the Bot Approvals Group should satisfy activity requirements in order to remain in that role.
A request for comment is in progress regarding whether to change the administrator inactivity policy, such that administrators "who have made no logged administrative actions for at least 12 months may be desysopped". Currently, the policy states that administrators "who have made neither edits nor administrative actions for at least 12 months may be desysopped".
Administrators and bureaucrats can no longer unblock themselves unless they placed the block initially. This change has been implemented globally. See also this ongoing village pump discussion (permalink).
To complement the aforementioned change, blocked administrators will soon have the ability to block the administrator that placed their block to mitigate the possibility of a compromised administrator account blocking all other active administrators.
In late November, an attacker compromised multiple accounts, including at least four administrator accounts, and used them to vandalize Wikipedia. If you have ever used your current password on any other website, you should change it immediately. Sharing the same password across multiple websites makes your account vulnerable, especially if your password was used on a website that suffered a data breach. As these incidents have shown, these concerns are not pure fantasies.
Shock Brigade Harvester Boris (Raymond Arritt) passed away on 14 November 2018. Boris joined Wikipedia as Raymond arritt on 8 May 2006 and was an administrator from 30 July 2007 to 2 June 2008.
R4 (new): Redirects in the file namespace (and no file links) that have the same name as a file or redirect at Commons are now covered under the new R4 criterion (discussion). This is {{db-redircom}}; the text is unchanged.
G13 (expanded): Userspace drafts containing only the default Article Wizard text are now covered under G13 along with other drafts (discussion). Such blank drafts are now eligible after six months rather than one year, and taggers continue to use {{db-blankdraft}}.
Members of the Bot Approvals Group (BAG) are now subject to an activity requirement. After two years without any bot-related activity (e.g. operating a bot, posting on a bot-related talk page), BAG members will be retired from BAG following a one-week notice.
Technical news
Starting on December 13, the Wikimedia Foundation security team implemented new password policy and requirements. Privileged accounts (administrators, bureaucrats, checkusers, oversighters, interface administrators, bots, edit filter managers/helpers, template editors, et al.) must have a password at least 10 characters in length. All accounts must have a password:
User accounts not meeting these requirements will be prompted to update their password accordingly. More information is available on MediaWiki.org.
Blocked administrators may now block the administrator that blocked them. This was done to mitigate the possibility that a compromised administrator account would block all other active administrators, complementing the removal of the ability to unblock oneself outside of self-imposed blocks. A request for comment is currently in progress to determine whether the blocking policy should be updated regarding this change.
{{Copyvio-revdel}} now has a link to open the history with the RevDel checkboxes already filled in.
Accounts continue to be compromised on a regular basis. Evidence shows this is entirely due to the accounts having the same password that was used on another website that suffered a data breach. If you have ever used your current password on any other website, you should change it immediately.
Around 22% of admins have enabled two-factor authentication, up from 20% in June 2018. If you haven't already enabled it, please consider doing so. Regardless of whether you use 2FA, please practice appropriate account security by ensuring your password is secure and unique to Wikimedia.
Administrators who are blocked have the technical ability to block the administrator who blocked their own account. A recent request for comment has amended the blocking policy to clarify that this ability should only be used in exceptional circumstances, such as account compromises, where there is a clear and immediate need.
A request for comment closed with a consensus in favor of deprecating The Sun as a permissible reference, and creating an edit filter to warn users who attempt to cite it.
Technical news
A discussion regarding an overhaul of the format and appearance of Wikipedia:Requests for page protection is in progress (permalink). The proposed changes will make it easier to create requests for those who are not using Twinkle. The workflow for administrators at this venue will largely be unchanged. Additionally, there are plans to archive requests similar to how it is done at WP:PERM, where historical records are kept so that prior requests can more easily be searched for.
A new IRC bot is available that allows you to subscribe to notifications when specific filters are tripped. This requires that your IRC handle be identified.
