Community Wishlist Survey 2019/Admins and patrollers/Allow De-Privileged logons to webui

From Meta, a Wikimedia project coordination wiki
Jump to navigation Jump to search
Random proposal ►

 ◄ Back to Admins and patrollers  The survey has concluded. Here are the results!


  • Problem: Currently privileged users must maintain multiple user accounts when wanting to log on with lesser access.
  • Who would benefit: Any privileged user, especially highly privileged users such as admins, interface editors, stewards
  • Proposed solution: Allow users to create sub-identities similar to Special:BotPasswords with different access grants, that allow interactive logon.
  • More comments: This will allow users that want to log on with less access (for example from mobile devices, from less trusted devices, or just to test things) to do so without having to maintain multiple accounts, with possibility of not requiring 2FA if otherwise enabled for sub-identities.
  • Phabricator tickets: T153454
  • Proposer: — xaosflux Talk 14:59, 8 November 2018 (UTC)

Discussion[edit]

  • I think having two accounts with different privileges is a much easier concept to explain and understand than one account that has different privileges depending on which password you put in. Multiple accounts seems like a much simpler solution to the problem and it's also a solution that already exists. I don't think this wish is a bad idea per se, but personally I'd rather see Community Tech focus their limited resources on problems that do not have fairly workable solutions already. --Deskana (talk) 16:28, 9 November 2018 (UTC)
Single accounts already do get different privileges depending on the credentials used with BotPassword and OAuth, however they are limited to the API instead of the WebUI. Keep in mind, this would not prevent the existing method of creating all the accounts someone wants. — xaosflux Talk 20:24, 9 November 2018 (UTC)
Noted, but I believe my general point about prioritisation stands. --Deskana (talk) 21:53, 9 November 2018 (UTC)
  • Nice idea, but I wonder if the admins will use it. I sort of doubt it. — Jeblad 08:54, 18 November 2018 (UTC)
  • Some things to keep in mind: if/once this is implemented, would there be a window for users with multiple accounts to merge their contributions? And if/once those mergers are complete, should we amend the relevant policy as to disallow users having separate accounts (as opposed to using this feature)? Rehman 02:18, 20 November 2018 (UTC)
  • Actually like this idea a lot. The best way to implement it is to have the user always login without privileges. When he/she need admin permission, he would click on a button, may be get prompted for password and then his/her privileges are elevated. 15 minutes later, they fall back to normal privileges. See how Atlassian have implemented it for example in Jira —The preceding unsigned comment was added by Wk muriithi (talk) 13:48, 24 November 2018 (UTC)
  • Security measures that you allow will always have a tiny fraction of the impact of security measures that you require. It will be used by the most security-conscious users, who have strong unique passwords and good account security and thus aren't an easy target anyway. Unless you are ready to make this required, and to acutally enforce it by software (and I don't see how that would work), it's just not a good use of time. Something along the lines of what Wk muriithi said (make all logins de-privileged, and require a temporary elevation) makes more sense, and actually we are sort of doing it already for some very limited things (like password change), but figuring out how to do it without crippling the productivity of privileged users is not easy. --Tgr (talk) 04:00, 25 November 2018 (UTC)

Voting[edit]

  • Support Support as proposer. — xaosflux Talk 20:19, 16 November 2018 (UTC)
  • Support Support Dolotta (talk) 01:05, 17 November 2018 (UTC)
  • Support Support Hell yeah — regards, Revi 02:05, 17 November 2018 (UTC)
  • Support Support Liuxinyu970226 (talk) 03:33, 17 November 2018 (UTC)
  • Support Support Kpgjhpjm (talk) 04:08, 17 November 2018 (UTC)
  • Support Support Hiàn (talk) 04:46, 17 November 2018 (UTC)
  • Support Support FF-11 (talk) 09:46, 17 November 2018 (UTC)
  • Support Support Jo-Jo Eumerus (talk, contributions) 10:00, 17 November 2018 (UTC)
  • Support Support Patriccck (talk) 10:35, 17 November 2018 (UTC)
  • Support Support --Alaa :)..! 10:36, 17 November 2018 (UTC)
  • Support SupportThanks for the fish! talkcontribs 19:53, 17 November 2018 (UTC)
  • Support Support Sebastian Wallroth (talk) 10:33, 18 November 2018 (UTC)
  • Support Support Would go nicely with the marginally-related phab:T199118. ~ Amory (utc) 11:27, 18 November 2018 (UTC)
  • Support Support stwalkerster (talk) 17:01, 18 November 2018 (UTC)
  • Support Support — Draceane talkcontrib. 17:29, 18 November 2018 (UTC)
  • Support Support And we should be able to test the Visual Editor even when we had chosen the wikicode (on some wikis the second modification tab is absent so we have to choose one the first time). JackPotte (talk) 19:42, 18 November 2018 (UTC)
  • Support Support --Wargo (talk) 20:57, 18 November 2018 (UTC)
  • Support Support Don't know if I'd use it personally, but it seems like a good idea. Kudpung (talk) 08:59, 19 November 2018 (UTC)
  • Support Support I have often had problems in other platforms that were difficult to resolve because the person trying to help me was too privileged to see the problem, or I was the one who was too privileged to see the problem. This is a sound concept for all computing environments. Jc3s5h (talk) 11:00, 19 November 2018 (UTC)
  • Support Support Martin Urbanec (talk) 14:01, 19 November 2018 (UTC)
  • Support Support Katietalk 16:36, 19 November 2018 (UTC)
  • Support Support. It would take away the headache of having to maintain multiple accounts for different uses (editing from home, editing from office, editing from unsafe network), and would also reduce the opacity of certain users (i.e. admins) reviewing editors owning multiple accounts. Rehman 02:18, 20 November 2018 (UTC)
  • Support Support Edgars2007 (talk) 18:40, 20 November 2018 (UTC)
  • Support Support Novak Watchmen (talk) 22:59, 20 November 2018 (UTC)
  • Support Support Vulphere 06:15, 21 November 2018 (UTC)
  • Support Support Arian Talk 18:27, 21 November 2018 (UTC)
  • Support Support Framawiki (talk) 19:34, 21 November 2018 (UTC)
  • Support Support Nihlus 22:09, 21 November 2018 (UTC)
  • Support Support Good idea! YaganZ (talk) 23:46, 22 November 2018 (UTC)
  • Support Support MisterSynergy (talk) 10:19, 23 November 2018 (UTC)
  • Support Support ~Cybularny Speak? 15:43, 23 November 2018 (UTC)
  • Support Support Nice idea, adopt the sudo strategy so that it get wide usage. William —The preceding unsigned comment was added by Wk muriithi (talk) 13:59, 24 November 2018 (UTC)
  • Support Support Arne (Amjaabc) (talk) 08:40, 25 November 2018 (UTC)
  • Support Support IKhitron (talk) 19:21, 25 November 2018 (UTC)
  • Support Support Ranjithsiji (talk) 22:35, 25 November 2018 (UTC)
  • Support Support This would be great for the more security conscious among us. — AfroThundr (u · t · c) 01:02, 26 November 2018 (UTC)
  • Support Support Daniel Case (talk) 03:58, 26 November 2018 (UTC)
  • Support Support Dreamy Jazz (talk) 12:05, 27 November 2018 (UTC)
  • Support Support Nemo 22:23, 27 November 2018 (UTC)
  • Support Support Ahm masum (talk) 21:17, 28 November 2018 (UTC)
  • Support Support Courcelles 15:44, 29 November 2018 (UTC)
  • Support Support Tacsipacsi (talk) 20:03, 29 November 2018 (UTC)
  • Support Support I do use 2FA, and would absolutely prefer the proposed setup. Xymmax (talk) 04:18, 30 November 2018 (UTC)