[pywikibot] Re: Fwd: [Wikitech-l] Please update your bot is if is using (non-bot-)password-based login

[info]

Hi all, It seems that ClientLogin no longer works (even for 2FA accounts) for any bot user because a captcha response is required but there is also no read permission for the initial step. See T396927 for it. Any ideas how to proceed? Best xqt Von meinem iPhone gesendet Am 08.06.2025 um 18:48 schrieb i...@gno.de: Hi all client login still works and there is no breaking change expected except the bot is not running interactively. I have implemented EmailAuth last week and merged it last Friday. It is a generic implementation of the previous implementation of 2FA login. Anyway high frequent running bots should use BotPassword or OAuth especially if they are not running interactively. Best xqt Am 08.06.2025 um 13:17 schrieb Maarten Dammers <maar...@mdammers.nl>:  Hi folks, This will possible break a lot of bots. Manual how to switch at https://www.mediawiki.org/wiki/Manual:Pywikibot/BotPasswords One liner I use on Toolforge to test if it still works: toolforge jobs run --image python3.11 --filelog-stdout logs/login.log --filelog-stderr logs/login.log --command "~/pyvenv/bin/python3 ~/pywikibot/pwb.py login.py -lang:commons -family:commons" login Not really easy to see in Pywikibot if you use deprecated way of logging in so created https://phabricator.wikimedia.org/T396299 for that. Maarten -------- Forwarded Message -------- Subject: [Wikitech-l] Please update your bot is if is using (non-bot-)password-based login Date: Wed, 4 Jun 2025 23:26:12 +0200 From: Gergo Tisza <gti...@wikimedia.org> Reply-To: Wikitech-l <wikitec...@lists.wikimedia.org> To: Wikimedia developers <wikitec...@lists.wikimedia.org> Hi! Since the introduction of AuthManager in 2016, there are two officially supported authentication methods for bots: obtaining a session cookie using the action=""> API with a bot password; loginless authentication using OAuth 1.0 or 2.0 with an owner-only consumer. action=""> with a normal password has been deprecated for a decade, and action=""> API was never supported for non-interactive login. Still, in the past, these methods worked most of the time - often enough that many bots kept using them. This is going to change very soon as we are introducing more interactive challenges during login to improve account security. If your bot still uses one of the non-supported methods, please change it now. Usually this only requires generating a bot password via Special:BotPasswords and giving the bot that instead of your normal password. For the change that prompted this email, see T395205. There will probably be more such changes in the future, and they won't be announced separately. Thanks for your understanding, and for your help in evolving the Wikimedia developer ecosystem. _______________________________________________ pywikibot mailing list -- pywikibot@lists.wikimedia.org Public archives at https://lists.wikimedia.org/hyperkitty/list/pywikibot@lists.wikimedia.org/message/MEDZBLXCYRN3733O4LN3QCVRPZUPUGUZ/ To unsubscribe send an email to pywikibot-le...@lists.wikimedia.org _______________________________________________ pywikibot mailing list -- pywikibot@lists.wikimedia.org Public archives at https://lists.wikimedia.org/hyperkitty/list/pywikibot@lists.wikimedia.org/message/JHSRQNN3GJIS6HMGO6P7A4NDDPCCX3FR/ To unsubscribe send an email to pywikibot-le...@lists.wikimedia.org

_______________________________________________
pywikibot mailing list -- pywikibot@lists.wikimedia.org
Public archives at 
https://lists.wikimedia.org/hyperkitty/list/pywikibot@lists.wikimedia.org/message/MRCH6PX3MIUN5QZBYN3PWS4XFMFLIBME/
To unsubscribe send an email to pywikibot-le...@lists.wikimedia.org