Wikipedia:Sockpuppet investigations/42.106.27.166/Archive

Suspected sockpuppets



 * Tools: Editor interaction utility • Interaction Timeline • User compare report Auto-generated every hour.

On 2020-06-23 : "Someone (probably you, from IP address 42.106.27.166) requested a reset of your password for Wikipedia (). The following user account is associated with this email address:
 * Special:Contributions/42.106.27.166 -- 2 minor vandalisms with edit comments attributing vandalism action to me (Yug).
 * In wikipedia warning received, login in attempts (12?):  I saw somewhere "12" attempts were made.
 * In Email warning received, password reset:

Username: Yug Temporary password: [...]

This temporary password will expire in 7 days. You should log in and choose a new password now. If someone else made this request, or if you have remembered your original password, and you no longer wish to change it, you may ignore this message and continue using your old password.

However, if you did not generate this request and want to prevent unsolicited emails, you may want to update your email options at . You can require both username and email address to generate password reset emails. This may reduce the number of such incidents.
 * Request : check if this IP was used by an known Wikipedia user/account in order to determine if this action is a willful targeted hacking. Yug (talk)  09:58, 25 June 2020 (UTC) Yug  (talk)  09:58, 25 June 2020 (UTC)
 * I want to know if this IP is also used by some Wikipedia user. I'am not concerned about successful hacking, my password is solid. I want to know if an existing user is doing sneaky intimations. If so, we would gain to identify the author of this toxic practice and deal with it with relevant rules. Yug (talk)  10:08, 25 June 2020 (UTC)
 * I read the section fishing: "it is not fishing to check an account where the alleged sockmaster is unknown, but there is reasonable suspicion of sockpuppetry,". I indeed would like to know who is the puppet master. There are attempts to log in, and targeted attempts to smear by my explicit username, all by the same account. Yug  (talk)  10:17, 25 June 2020 (UTC)
 * My comment above point out that I understand random brute force on password is classic and no ground for checkuser. I'am concern by the vandalism and smearing done via my username (see IP contributions link above) and I therefore suspect an existing Wikipedia user may be puppet master for tiny revenge, but I don't know who. It seems to fall exactly into CheckUser: "it is not fishing to check an account where the alleged sockmaster is unknown, but there is reasonable suspicion of sockpuppetry, and a suspected sock-puppet's operator is sometimes unknown until a CheckUser investigation is concluded." ? Did I misunderstood the rule cited by that page ? I'am honestly confused here. Yug (talk)  10:27, 25 June 2020 (UTC)
 * If your approach described above is correct in practice, it may be beneficial to edit CheckUser accordingly to reduce confusion. Yug (talk)  10:38, 25 June 2020 (UTC)
 * The password is NOT my core claim. In first element, I point an IP doing vandalism in my name, see Special:Contributions/42.106.27.166. This means it is not random but targeted and that IP knows me. It was not a random keyboard input since the exact same day, persistent (yet obviously futile) attempts to hack my account were made. I suspect intimidation. There are 6 wikipedia users I hotly debated with in past year and who could be suspects as puppet master, yet I don't know. It could be someone else. Only a check can tell. CheckUser states "it is not fishing to check an account where the alleged sockmaster is unknown, but there is reasonable suspicion of sockpuppetry, and a suspected sock-puppet's operator is sometimes unknown until a CheckUser investigation is concluded." It seems relevant to my case. Alternatively, the rule would gain to be clarified. Yug (talk)  10:55, 25 June 2020 (UTC)

Comments by other users
''Accused parties may also comment/discuss in this section below. See Defending yourself against claims.''

Clerk, CheckUser, and/or patrolling admin comments

 * What are you asking to check this against? There is only one IP here and it sounds like you just want them to do a general check to see who the IP belongs to? Praxidicae (talk) 10:00, 25 June 2020 (UTC)
 * In any case, I'm declining this request because CU's can't go fishing. If you're concerned about your account safety, enable 2fa (and I recommend doing so anyway). Praxidicae (talk) 10:05, 25 June 2020 (UTC)
 * Please see my comment above, . Praxidicae (talk) 10:11, 25 June 2020 (UTC)
 * It is literally fishing, Yug. You don't have any idea who the master is, nor if they've ever even edited before. Checkusers will not connect an IP to an account anyway. If we CU'd every time someone tried to brute force a random users password or sent them e-mail resets, well, Checkusers would be very busy. It looks like a generic vandal to me but per policy, they cannot run a check. Praxidicae (talk) 10:20, 25 June 2020 (UTC)
 * you have no evidence of sock puppetry, what is the reasonable suspicion? A childish vandal trying to reset a password for a username that is in no way unique isn't evidence on it's own. And a checkuser will not connect an IP to an account...if you have evidence of sock puppetry please add it to the case request and please comment in the appropriate section (ie. the case request or other users section will do.) Praxidicae (talk) 10:39, 25 June 2020 (UTC)
 * Please see this similar case for an explanation from a Checkuser. Praxidicae (talk) 10:46, 25 June 2020 (UTC)


 * If you wish for this request to be taken seriously please provide evidence of sock puppetry. Saying it could be "one of six people I've argued with" is basically why the fishing policy was written. Please also read the section titles here and put any follow up comments in the case request. Praxidicae (talk) 11:01, 25 June 2020 (UTC)
 * I'm closing this as there are no grounds for checking per WP:CheckUser policy: However, on the English Wikipedia, CheckUsers are discouraged from making a public statement that connects one or more IP addresses to one or more named accounts, since an IP address is often much more tightly linked to a specific person, which is the crux of your request, and at this point, untenable. There's nothing more to do at this SPI case, hence, closing. Best,  qedk ( t  愛  c ) 11:04, 25 June 2020 (UTC)