Wikipedia talk:User account security/Archive 2

This is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page.

Just posting that in the last week or so I've had multiple messages about failed attempts to log into my account. I have since changed my password to make it stronger, and am posting this in case it is a wider issue, as I've never had this happen before. Kaiser matias (talk) 11:22, 5 November 2017 (UTC)

I have had the same issue over the last week. 9 November 2017. — Preceding unsigned comment added by 184.89.204.67 (talk) 02:11, 10 November 2017 (UTC)

Yes, I have had the same issue. In the past two weeks "someone" has tried to sign into my account 49 times. I was flattered at first because I felt that I was important enough for people to try to hack my wikipedia-account. But it is probably a bug of some sort :P Xashm (talk) 20:05, 6 December 2017 (UTC)

Today I received two messages Login to Wikipedia as Dennis1989 from a computer you have not recently used. So someone had signed into my account. I changed my account password twice and still received the messages. More people dealing with this problem? Is it a bug or so? Dennis1989 (talk) 16:20, 5 January 2018 (UTC)

There have been multiple reports of this, for example, WP:AN (permalink). That mentions phab:T174388 which indicates that the IP of the user who attempted the login will be reported to the owner of the account. There is no need to worry unless there are many hundreds of attempts except anyone using a weak password or the same password on multiple sites should panic. Anyone can download enormous lists of user names and passwords that have been hacked from many organizations. The failed login attempts might be bored kids playing, or they might be someone checking whether the target user has the same password as used on another site. Each Wikipedia user should have a reasonably strong password that they do not use anywhere else. For example, see WP:STRONGPASS. Johnuniq (talk) 23:03, 5 January 2018 (UTC)

I have received a notification indicating someone has attempted to gain unauthorized access my account no less than five times. Is there any way for me to see what the offending IP address is? Or even the general location? I have too little information to work with here. Master of Time (talk) 09:41, 7 February 2018 (UTC)

Came here after looking it up on Google re failed log-in attempts at Wikipedia;  ? I suddenly received 3 yesterday, and changed the password to 30 characters, then just now got another one. It's hardly something to worry about, but I can't conceive what treasures a hacker expects to find in my Wikipedia account. Claverhouse (talk) 11:19, 4 May 2018 (UTC)

There is an ongoing attack. See VPT + phab:T193769 + AN. Johnuniq (talk) 23:47, 4 May 2018 (UTC)

It says “If you edit from a public WiFi network it is a good idea to use a VPN...”. This is not my area of expertise but I am pretty sure that can actually get you a proxy block. Beeblebrox (talk) 19:04, 5 May 2018 (UTC)

I suggest it remains good advice. Using a VPN will not usually get you a block - our policies specifically allow editing from 'anonymising proxies'. Accounts can edit from a VPN and nobody will usually ever know. A checkuser might eventually spot it if they're investigating some abuse, but they typically won't care as long as the user is not involved in policy violations, much like any other network. Editing from a VPN without being logged in is typically not going to get it blocked either, again if there's no abuse involved. Sometimes VPNs are blocked, sometimes bad actors on VPNs are blocked, but editing from a VPN is not usually the cause of a block. -- zzuuzz ^(talk) 20:07, 5 May 2018 (UTC)

I got two of them and I don't know if it's my internet connection screwing up or something like that. Is there a way to see IPs of login attempts? Nergaal (talk) 11:29, 7 May 2018 (UTC)

This is an ongoing issue, it’s not you or anything you did, it’s someone basically trolling the login system of Wikipedia. A tool i supposedly being developed that will allow you to view the IP of any login attempt, but it is not yet functional. Beeblebrox (talk) 17:48, 7 May 2018 (UTC)

Is there any way currently to check if the attempts were from a neighboring IP? (i.e. somebody collected my info from an open IP I personally used wirelessly?) Nergaal (talk) 18:32, 7 May 2018 (UTC)

No, but given the scale of this attack (possibly tens or hundreds of thousands of accounts) it is unlikely. -- zzuuzz ^(talk) 18:36, 7 May 2018 (UTC)

I rewrote this section to better address the average reader. This is where you end up when you search for information regarding your Wikipedia password. Please confine any highly techical details and advice to subsequent sections. Do not introduce "entropy" or "VPN" in the first user-friendly section.

Also, the section has been rewritten from the formal passive voice. Instead it addresses you, the reader. Here's what you should do, in simple easy to understand English.

Of course, I merely guessed at Wikipedia policy regarding password strength - you are more than welcome to tweak the message to conform to any actual limits imposed by the software.

Also two subsections: changing your password, and what to do when (if) you get hacked. I don't have the knowledge to fill these out, and so I've left them for you.

Again, feel free to re-add what I cut away but please not in the General section. CapnZapp (talk) 10:31, 16 January 2019 (UTC)

I agree that your rewrite is an improvement although it needs some copy editing. I might look at that later. Meanwhile I have time to say only that I hate advice to "be careful" (in this case, on WiFi). If we can't say something about what a person should do (or link to a reasonable statement), it would be better to omit "be careful". Johnuniq (talk) 23:59, 16 January 2019 (UTC)

Thank you - especially for the policy page (at meta). One point though - let me be the first to acknowledge how hard it can be to keep instructional texts accessible, easy and friendly when you want to appear authorative... and then point out that addressing "you" got lost in your edit. (You added an "All Users..." which immediately makes it... well, formal and distant). I'll give you some time to mull this. Best regards, and again thanks for your edit. CapnZapp (talk) 08:50, 17 January 2019 (UTC)

Notification: I plan to set up automatic archival within the week month quarter. CapnZapp (talk) 08:53, 17 January 2019 (UTC)

 Done CapnZapp (talk) 08:41, 20 March 2019 (UTC)

There is a move discussion in progress on Wikipedia talk:Simple 2FA which affects this page. Please participate on that page and not in this talk page section. Thank you. —RMCD bot 23:17, 25 March 2019 (UTC)