>
> Another idea might be to for the software to offer to create a random
> password for users at account creation time, and also to make the same
> offer at password change time.
>
> For example, even using automatically generated simple-looking and
> reasonably simple passwords like
At the very least if 2FA is not possible for you;
# sign up for the have I been pwned website so you get alerts when your
passwords may have been compromised
# use a password manager like 1password so that you can use long unique
passwords for each site
T
On Wed, 16 Nov 2016 16:39 Chad,
Forwarding to Wikitech-l on request :)
Tom
-- Forwarded message --
From: Jon Davies jon.dav...@wikimedia.org.uk
Date: 6 September 2012 10:48
Subject: Request for a developer.
To: Wikimedia UK lists wikimediau...@lists.wikimedia.org
Having failed to find someone full time as a
n 24 August 2012 18:57, Tyler Romeo tylerro...@gmail.com wrote:
Yes, but that's only increased convenience. I'm wondering exactly what
security implications there are to our current system v. a token reset
system.
*--*
*Tyler Romeo*
Stevens Institute of Technology, Class of 2015
Major in
The criticism around AFTv5 in terms of product design (nevermind the code)
is largely echoed in the comments, yet we seem rather sure that we're
giving editors a tool of importance. My daily sampling of what's flowing
into the enwiki db from the feature appears to be 99% garbage, with the
On 17 August 2012 12:17, David Gerard dger...@gmail.com wrote:
On 17 August 2012 11:46, MZMcBride z...@mzmcbride.com wrote:
As MaxSem commented, perhaps Mailman ought to be re-evaluated as the
mailing
list software, though I've yet to come across (m)any software packages
that
are
I can cover some of thse:
*phpMyAdmin
This is an open source database manager for MySQL databases - it won't work
for what you want.
*SAML
*OpenID
From the page you link it looks like you know about these two; i.e. they
act as sign in gateways.
OpenID is more indie, SAML is more
Like...
This: http://status.wikimedia.org/?
:)
Tom
On 5 July 2012 15:09, jida...@jidanni.org wrote:
On http://wikitech.wikimedia.org/view/Main_Page there is a link to
Current status which doesn't show what is currently causing Wikipedia
to be down.
I suggest you take a lesson from
Hey all,
There have recently been a high number of complaints to OTRS about emails
recieved, supposedly from Wikipedia. I believe these to be spam, but I just
wanted to double check on the very small chance it is something gone wrong
somewhere :) The emails relate to account details and appears
On 23 April 2012 13:23, Petr Bena benap...@gmail.com wrote:
Indeed, unless there are some spam links inside, for example if it was
html mail, the reset token could be in fact a spam link leading to
another site. (like a href=http://somespam.comhttp://en.wikiped...
reset token/a)
On Mon, Apr
On 23 April 2012 13:34, Petr Bena benap...@gmail.com wrote:
Yes this is a template used by mediawiki from Special:PasswordReset,
and exactly this template, plain text is used on production of
wikimedia servers. Unless you can't retrieve the header of original
message, it's not possible to
Again, Just theatrical security, Most people tend to use the same
passwords everywhere, if this was the case for said Sysop, Their email
is also compromised. Also this would require wikis to have email
sending setup, as well as the user to have confirmed theirs.
That's the problem of
On 4 April 2012 10:21, Petr Bena benap...@gmail.com wrote:
I don't say this would be enabled for all projects, it could be a
replacement of that weird policy for removal of inactive sysops they
created on few wikis, including english wikipedia. It would be just a
slightly better solution for
On 4 April 2012 10:28, Petr Bena benap...@gmail.com wrote:
Indeed :-)
But if I didn't think it's weird, I wouldn't start this. I am always
trying to find a solution from programmer point of view for a problems
which community sometimes try to solve by hand.
From a security perspective (my
The current process needs to be done by hand, which isn't just
annoying, but also not fail safe, some accounts might be overlooked,
etc. Bureaucrats can mislick or forget.
Certainly automatic de-sysoping after a certain inactivity would be useful;
an extension that does the notifications and
Ok, your reply makes a lot of sense. However problem is that how users
get more hats they are usually more afraid of loosing them :-) and
would probably like to have an option to protect from attackers (I
don't really know but I hope that people with some extra flags are
trying to have a
On 4 April 2012 15:35, Petr Bena benap...@gmail.com wrote:
That sounds like as microsoft would interpret how perfect system
should work, and why I don't like windows:
We know best what the user wants, so let us configure the system
according to what we think that is best for them, without
On 4 April 2012 15:40, Petr Bena benap...@gmail.com wrote:
Also keep in mind we are talking about accounts which are interesting
for hackers, stewards and such. I hope that people who are
volunteering as stewards aren't just stupid and would eventually
read manual / ask someone who knows how
You know that for a significant portion of the world (and this list) it is
well past midday ;)
The beauty of a global organisation!
Tom
On 1 April 2012 18:29, Mono monom...@gmail.com wrote:
I'm excited to announce that the beta version of Liquid Threads 3 is now
available. We've come a long
However that means that after you reply, your original e-mailaddress is
visible.
In which case there is no advantage to using an alias over simply using
[[Special:EmailUser]], which is effectively also an alias for the first
mail.
Not at all. You can send mail from any address you choose;
Hey Petr,
I might be able to help you out with this (will try to find my way to
#huggle tonight). Seems an interesting project.
Is there anything in particular you're looking for help with?
Is there a demo/test version in place?
What state is the development in at the moment (i.e. is there a
localization files as we use for application, since there is a
translation for more than 15 languages already completed and all text
should be same.
On Wed, Mar 7, 2012 at 3:47 PM, Thomas Morton
morton.tho...@googlemail.com wrote:
Hey Petr,
I might be able to help you out with this (will try
Ideally X-Mailer (by convention) should be something like:
*MediaWiki/{version}*
In fact better would be
*MediaWiki/{version} **PHP/{version} *
But it probably doesn't matter too much :)
Tom
___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
Hi Mr. Nelson :P
I don't know if you are making fun of my bad english (I am not a
native english speaker, so that's why) or from the choice of
programming language, however if it's the second I already explained
why it's written in c# few hours ago. I hope it's clear enough and
actually I
The issue is that, even if power users don't use the new interface they
still need to be able to use the old one to edit the same articles. If the
wikitext created by the visual editor is unnecessarily complicated and
unreadable (like the html produced by ms frontpage, for instance) then
If I remember correctly; stats collection is imperfect, and that results in
some odd numbers.
That is just my memory of why it looks like that.
Tom
On 4 October 2011 14:10, Gregory Kohs thekoh...@gmail.com wrote:
Does the Wikimedia Foundation's technology team have any insight or
comment on
Regression error? This was raised a little while ago and supposed to have
been fixed :)
https://bugzilla.wikimedia.org/show_bug.cgi?id=30261
http://lists.wikimedia.org/pipermail/wikitech-l/2011-August/054538.html
Tom
On 9 September 2011 10:07, emijrp emi...@gmail.com wrote:
Hi;
The site was spammy but there didn't seem to be any actual malware. It would
certainly have scammed your details though.
Tom
On 8 August 2011 19:17, Thomas Gries m...@tgries.de wrote:
I have an IT security related questing regarding that bogus internet web
site to which sep11.wikipedia.org
I am note sure who might be in a position to correct this, but this list
seems the most likely..
For some reason sep11.wikipedia.org subdomain is forwarding to a spam site -
this was pointed out on OTRS earlier.
I assume this was set up as a redirect to the 9/11 memories Wiki, and that
site has
Those are much nicer colours, anyway, in my opinion.
Tom
On 27 July 2011 14:42, Leo Koppelkamm diebu...@gmail.com wrote:
Hi folks
please have a look at Bug
11374https://bugzilla.wikimedia.org/show_bug.cgi?id=11374: Red
.diffchange text in the green 'added' area may be hard to read for
Quick one for the tech folks: is there a known issue with printing at the
moment?
OTRS keeps getting comments that printing gets cut off after one page... I
searched bugzilla to no avail and am 99% certain this is a local computer
issue each time, but I wanted to check no one was aware of an
Or look for actives on one wiki.. and then cross check those names with all
the other wikis for the same names with over, say, 300 edits (at any time).
Tom
On 16 June 2011 22:34, M. Williamson node...@gmail.com wrote:
I would say broaden the span and lower the number of contribs required
just
There is a lot of cross-wiki collaboration that can be done (whilst
supporting the idea of wiki independence) and should be
encouraged. Foundation work, cross-wiki translations of material, etc. Alec
is largely talking about the board elections though, which was Anglo-centric
and could have
Default gadgets would solve an issue I am facing at the moment :)
So +1 to deployment of updates.
Tom
On 7 June 2011 22:25, Leo Koppelkamm diebu...@gmail.com wrote:
There's usually some code (general utility fn's, some legacy remappings
etc.) in common.js that could break a lot of stuff if
Heh, you think?
Deploying a new browser is not a trivial exercise in some large-scale
environments.
And a lot of companies have really useless IT departments (i.e. no budget).
Trust me; we get employed (at vastly greater expense than simply upgrading)
to tell them why their IT infrastructure is
You might want to dig into French Wikipedia. IIRC They run a link
archival service (there was discussion about enabling it for English
Wikipedia, but I don't think it came to anything) and might have some
helpful material.
I forget the name I'm afraid, it's discussed somewhere on the en.wiki
36 matches
Mail list logo