Follow up

edit

This post is to remove the red link from your signature, but I have a suggestion. When the time is right, please announce at WP:AN where an analysis of the recent problems can be seen, or will be seen. Or, if it is too sensitive even after a month, please say that. Thanks for what you have done so far. Johnuniq (talk) 00:32, 15 November 2016 (UTC)Reply

@Johnuniq: We will definitely post to WP:AN when we have an analysis ready for public consumption. This will definitely happen sooner than a month from now. I expect it will happen before the end of this week - perhaps even tomorrow. Some other users have filed a bug - phab:T150605 about a public analysis. BWolff (WMF) (talk) 00:49, 15 November 2016 (UTC)Reply

Telegram

edit
 
Hello, BWolff (WMF). Please check your email; you've got mail!
Message added 15:16, 16 November 2016 (UTC). It may take a few minutes from the time the email is sent for it to show up in your inbox. You can remove this notice at any time by removing the {{You've got mail}} or {{ygm}} template.

-- samtar talk or stalk 15:16, 16 November 2016 (UTC)Reply

Question

edit

Hi there. I have been writing the page Wikipedia:Compromised accounts with info about compromised accounts. Any comments would be appreciated.

I have a question for you: if a user is shut out of a compromised account (the password has been changed) and password resetting is disabled (maybe the account email has been changed) is there any course of action that can be taken? Would the stewards or anyone else be able to help in these circumstances, to regain back control? --Jules (Mrjulesd) 12:06, 21 November 2016 (UTC)Reply

@Mrjulesd: That's more a question for the Support and safety team than it is for me, but my understanding is that if the person can prove beyond doubt to the stewards and/or WMF support and safety team that they are the legitimate owner of the account, then it will be restored to them. This is difficult to prove if the person didn't set an email, but its not impossible. BWolff (WMF) (talk) 23:54, 21 November 2016 (UTC)Reply
Thanks for that. do you know if a log of a/c email addresses used is kept? Lets say a hacker change the email account to prevent password resets, would there be any way of checking this? It might be one way of proving a/c ownership, if a/c email changes where reversed. --Jules (Mrjulesd) 00:07, 22 November 2016 (UTC)Reply
We do keep logs for users who are admins (Perhaps we should do it for all users). BWolff (WMF) (talk) 03:34, 22 November 2016 (UTC)Reply