User:Tiggerjay/ACC FAQ

This page is a draft of a document that is intended to me moved over to the ACC guide subpage, to help existing and new ACC users in creating accounts consistent with existing precedents that don't necessarily need direct inclusion into the guide. The information here is not official policy and does not take precedent over the ACC Guide, nor any other Wikipedia policy (such as the username policy).

Purpose
To help users create accounts who cannot do so through the automated system. The following is a couple of examples of why people need to use this interface:
 * Unable to read/use the Catpha (or a bug in Catpha)
 * Username is too similar to another user
 * They are requesting from a blocked IP address
 * Technical bugs in wikipedia (rare, but they do happen)
 * They were directed to the interface from other edits, such as the Helpdesk or Teahouse
 * They accidentally find themselves at the interface, instead of going through the normal way

The process for manually approving these accounts is designed to take into account that people are not robots. That the ACC Volunteers minds are amazing and can make connections and draw conclusions to dive deeper into a request in a way that a computer cannot. As such, the approval process is more than simply checking off on all of the various tools (SUL, Block Log, etc). Just because all checks come back clean doesn't mean that it is an okay account to create, as the name itself might violate WP:UPOL, or conversely, just because an account fails a check, such as block doesn't mean the account shouldn't be created (such as schoolblock or specific notes from blocking admins for ACC to ignore).

Assume Good Faith
We assume good faith, so we don't block accounts for the following reasons:
 * When we have a "bad feeling" about a username, email address, or comments, that do not directly indicate a violation of policy. User: Oldsapmmer would be an example of a valid username even though it would otherwise cause pause when creating an account.
 * Possible/slight chance for begin a company or shared account; again, only when there is specific evidence to support it. Typically if there is an exact match to a notable company, such as User:AppleInc would be bad, but LoveApple, would be fine. For less popular company names, I typically look to see if the majority of a first page of google is pointing to the company website or other reliable sources, then it would be good reason to believe that it is a notable company. But if you see just a bunch of facebook type results, you can probably AGF. Another place to search is for that company name being mentioned in any article in enWiki.

Usernames

 * Names of city/counties/etc: Per the precedent set here (req 64517) it is generally okay to create an account in good faith if the username matches a city/county/etc., unless other evidence is available to suggest the account might be run by the village/city/county.


 * Real names: Per the precedent set here (req 84494), if the requested username is that of a real person, we can create in good faith, except when the username is of someone notable or significant. We are not specifically concerned with WP:UPOLICY impersonation if the are just an ordinary person when it comes to account creation. A good way to do this is to either seach enWiki for an article or reference to the person; as well as search Google - if the results are mostly reliable sources (versus just google/linkedin/social networking/blogs) then you can presume they are notable. However, the requested name must be unmistakably that person, such as ALincoln, AbeLincoln, PresidentLincoln. (not that we'd be worried about someone impersonating him). But examples such as TheGreatAbe, Abethe16th, etc. would be fine.


 * Username implying spam/abuse - in general we assume good faith of new account requests and a suspicion of spam/abuse is not enough reason to deny a new account request. However when there is good evidence to support it might be a sockpuppet, block avoidance, etc, then the account should be submitted for a check user, with non-policy violating information in the comment section. But be careful, there are valid editors who have contributed on-wiki with the name "spammer" in them. So remember to assume good faith!

Tools
Here is a brief summary of how some ACC Volunteers use each of the tools/checks:

IP Address Checks
IP is needed to check for a couple of things:
 * 1) Is this person trying to evade a block or similar sanction
 * 2) Is there evidence of recent (last 48 hours) of vandalism activity
 * 3) Is there a reason to create an account in the event of shared IPs such as schoolblock
 * 4) Is there information to trigger a COI/SPAM Concern
 * Talk Page:
 * Provided a quick (but not authoritative) check to see if they are a shared IP, school, company, etc.
 * Ability to see the history of how this account has been used - ie warning templates, etc. or perhaps constructive.
 * Sometimes the talk page will give an indication that it is not a shared IP.


 * User Contributions:
 * Give a quick overview of how this IP has been editing.
 * Primarily check very recent contributions, however a historical look if there appears to be an editing trend.


 * Deleted Edits:
 * Generally an indication of prior abuse


 * Global Contributions:


 * Local Block Log:
 * Shows current and historical blocks -- has this IP been used multiple times for abuse?


 * Active Local Blocks:
 * Shows the current block log
 * Also pay attention to a couple of things:
 * Any comment by the blocking admin, sometimes they leave notes for ACC to ignore the block, etc.
 * Check the size of the block, is it a single IP, small or large range. Anything /24 or a larger number (/28, etc) is typically a small range block (affects <255 IP addresses); smaller numbers (/20, /16) are rather huge (ie a /20 impacts 4k IPs, /16 impacks 65k IP{s). (For a technical inderstanding see, CIDR)
 * Generally if there is any active blocks, with the exception on schoolblocks on the guide, they should be deferred to Check Users.


 * Global Block Log:
 * Similar to Local Block, except you get a bigger view of the project to see if abuse has happened on other projects.


 * Active Global Blocks:
 * Similar to Local Block, except you get a bigger view of the project to see if abuse has happened on other projects.


 * Whois:
 * This is the authoritative space to determine if an IP address really belongs to a school, company, etc.


 * Abuse Filter Log:
 * This is a quick look to see if edits from the IP may have triggered abuse filters. Typically we are concerned with recent edits.

Username Data
Username is needed to check for a couple of things:
 * 1) Does this requester already have an account
 * 2) Is this person trying to evade a block or similar sanction
 * 3) Is this user having problems and needs their password reset
 * 4) This this user recently already create an account and the ACC is redundant with them being able to self-create an account
 * 5) Is this user having problems because their desired name is already taken on ENWP or via SUL.


 * User Page:
 * Confirms there isn't an account yet


 * Creation Log:
 * Confirms there isn't an account yet. If it was created very recently then it can be dropped


 * SUL:
 * Confirms there isn't an account yet across the project. This can be cause to drop for TAKEN.


 * Special:CentralAuth:


 * Username list:
 * This shows similar usernames on Wikipedia. This may be this requested username, or the ONE name closest to it, determined by Mediawiki. However, there may be others.
 * Sometimes when a request is suspect, I'll
 * Increase the limit to 10
 * Search based on the requester's email address
 * Search based on logical permutations of the requested name.
 * Search based on permutations discovered through a Google Search


 * Wikipedia mainspace search:
 * A quick check to see if the requested name matches an on-wiki article.
 * Sometimes when a request is suspect, I'll
 * Search based on the requester's email address
 * Search based on logical permutations of the requested name.
 * Search based on permutations discovered through a Google Search


 * Google search:
 * Check to see if the requested name is anything significant
 * Sometimes when a request is suspect, I'll
 * Search based on the requester's email address or domain name.
 * Search based on logical permutations of the requested name.
 * Search based on permutations discovered through a Google Search

AntiSpoof Tools
AntiSpoof is needed to check for a couple of things:
 * 1) Does this requester already have an account (such as a different casing or spacing)
 * 2) Does this requester want an account similar to an established or active editor
 * 3) Is this person trying to evade a block or similar sanction


 * Contributions
 * Check for how recent the contributions have been.
 * If not an established editor, and nothing within the last year, this may be okay to create


 * Logs
 * How long ago was the account created. If very recent, may be the requester is having problems creating an account


 * SUL
 * Checks for contributions across other projects


 * Send Password reset
 * Only needed if there are indications the reqester is having problems accessing their account.


 * Count
 * Shows edit history on ENWP

Sequence
There are different approaches on how to research a request and in what order. In general I perform checks in the following sequence designed to target the most probable places to DECLINE or DEFER a request, before getting too deep. However, I will divert from this practice when something in the request itself is a red flag. For example, if the requested username looks like a corpname, I might start with a Google, WP Mainspace and Whois first.

General Approach

 * 1) Creation Log
 * 2) SUL
 * 3) Active Local Blocks
 * 4) Active Global Blocks
 * 5) Talk page

Thereafter I check the rest of the tools in the following order:
 * AntiSpoof
 * Username
 * IP Address