Wikipedia talk:Administrators/2019 request for comment on inactivity standards

Previous proposal
The last discussion to propose everything here hasn't even been closed for two weeks yet. —Cryptic 21:33, 23 January 2019 (UTC)


 * I agree with . I had been planning to make a proposal that was focused on the issue of the personal responsibility of administrators to maintain a secure account, but I'm also acutely aware of the issue of participant fatigue, particularly when they are asked to comment on a series of proposals that are inter-related. So...I'll have to wait for another couple of months before I bring my proposal forward.  It is particularly frustrating, given that all of these proposals have very recently been discussed, and all of the proposals are strictly social engineering attempts and will have zero impact on account security.  I get that some people are really passionate about this topic, but repeated RFCs on the same points are not only tedious, but they're tendentious.  Risker (talk) 04:48, 24 January 2019 (UTC)

The previous RFC was not well put together in my opinion, and that is probably why it did not achieve any usable results but was eventually closed as no consensus long after discussion has completely dried up. I developed this in my user space while waiting for that to finally be put out of its misery. Beeblebrox (talk) 19:23, 24 January 2019 (UTC)
 * Your argument is basically "we have to discuss it again because we didn't use the right format the last time". You give no indication that you have any reason to believe there will be a substantive difference in the outcome. You have also very definitely not linked your proposal with its reasons, which you identify as 1) concerns about account security (without noting that two of the four recently compromised admin accounts were of highly active admins, one was of a somewhat active admin, and only one was of a barely active admin), and 2) concerns about continued engagement of the admin account holder with the project and community.  You've not explained why eliminating communication from the community to the administrator will help either of these issues.  You've not explained why changing the number of required actions will change either the level of community engagement or account security.  It's just the same old ideas, that have been discussed on multiple occasions and have not gained traction. I'm  just...well, really disappointed that we're having the same discussion again, with proposals that do not relate to the stated objectives.  Risker (talk) 19:42, 24 January 2019 (UTC)

Statement
, have a look at at the RfC listings. Legobot copies everything from the tag (exclusive) to the next timestamp (inclusive). Therefore, please add an opening statement (in accordance with WP:RFC) between the tag and the first heading. You don't need to sign it, but it does need a timestamp - 20:47, 23 January 2019 (UTC) would be perfectly acceptable. -- Red rose64 &#x1f339; (talk) 22:37, 23 January 2019 (UTC)
 * has made (which is only ten minutes different) but the listings are  because there are headings between the  and the first timestamp. -- Red rose64 &#x1f339; (talk) 23:25, 23 January 2019 (UTC)
 * Yeah, I did the minimum necessary without changing the RFC structure/verbiage. --Izno (talk) 02:37, 24 January 2019 (UTC)
 * In the past I have repeatedly tried to follow the format laid out there and somebody always has a problem with it and changes it to soemthing else, so forgive me if I frankly just didn't even bother this time. Beeblebrox (talk) 19:30, 24 January 2019 (UTC)
 * I gave up waiting and . -- Red rose64 &#x1f339; (talk) 23:28, 25 January 2019 (UTC)

Focus on Technical Solutions over People-based Solutions
It seems that people are focusing solely on technical solutions to affect this change. I don't believe those will be particularly effective; we already have semi-inactive administrators acting to get around the existing restrictions, and any increase in requirement will likely result in only a minor increase in de-adminization, unless the requirement is raised to such a level that it starts to impede low-activity but genuinely contributing administrators.

What I believe needs to be focused on is the question of why these admins are doing this, and perhaps their concerns can be addressed. At the moment, I can see two possible reasons for this, though I have no doubt there are more:
 * One, they intend to return to the Wikipedia project at some point, and when they wish to continue contributing as an Administrator. To counter this, perhaps it would be worth considering removing or heavily increasing the limit for which an administrator who has gone inactive can regain their former status without having to proceed through a RFA?
 * Two, they see the standards as just 'box-ticking' and when they receive the notification they log on, tick the box, and log off again. As I see it, countering this could be done in one of two ways.
 * One, the notifications could be removed, as suggested above, but I feel that is a discourteous action to members who have clearly contributed greatly to this project over the years.
 * Two, we the notice can include explicit mention to the current ability to easily regain their position should they return within the next year, or however long the duration is increased to, alongside a mention that this is to maintain the security of Wikipedia by reducing the number of accounts that could be dangerous to the project if compromised.

--  No COBOL  (talk) 14:41, 24 January 2019 (UTC)
 * As I noted above, of the four recently compromised administrator accounts, two were of highly active administrators, one was of a somewhat active administrator, and only one was of a marginally active administrator. While there may be a marginal impact on reducing hypothetically insecure accounts, the real account security issues are not addressed in any way in this proposal, and tacking on potential actions that would address that specific issue would be pointless since this RFC is about inactive admins, not insecure admins.  Risker (talk) 19:46, 24 January 2019 (UTC)
 * For once I agree with Risker in these discussions - the proposals really wouldn't do anything to address account security, and the two shouldn't be confused. Very active admins can still have very insecure accounts, as the recent compromises have shown somewhat, and inactive accounts are not inherently insecure. I was about to ask, "what problems do these proposals suppose to address?" Security is always a concern, but I think this is more about admins being inactive so long that they fall out of touch with the community's evolution, them come back years later with actions that might have made sense in 2005 but today they blow up ANI and lead to three Arbcom cases. That's not a frequent problem honestly but it's a big deal when it does happen. Ivanvector (Talk/Edits) 05:35, 29 January 2019 (UTC)