2016-06 user session reset

Add links
From Meta, a Wikimedia project coordination wiki

Due to a programming error, users who logged in to a Wikimedia project wiki between 2016-06-07 and 2016-06-14 may have had the "Keep me logged in (for up to 30 days)” setting inadvertently selected, despite the checkbox not having been checked.

Specifically, users who logged into sites belonging to the following wiki groups were affected until 2016-06-14 16:00, and beginning from the times listed below:

  • group0: 2016-06-07 22:56
  • group1: 2016-06-08 22:44
  • group2: 2016-06-09 23:31

Approximately 160,000 user accounts are affected. In order to prevent unauthorized access to user accounts in instances of shared computer use, the Foundation is resetting user sessions for all users who logged in within the aforementioned timeframe. Users who have their session reset will need to log in again. IP addresses revealed by editing while logged out may be suppressed by local oversighters or stewards.

We apologize for the inconvenience this causes, but we want to reduce the possibility of unintended access to user accounts by unauthorized parties.

Technical information may be found at https://phabricator.wikimedia.org/T137799.

Retrieved from "https://meta.wikimedia.org/w/index.php?title=2016-06_user_session_reset&oldid=24927414"