Trust and Safety Product/Temporary Accounts/FAQ/it

This page is a translated version of the page Trust and Safety Product/Temporary Accounts/FAQ and the translation is 16% complete.

Outdated translations are marked like this.

This page is under construction

Please help review and edit this page.

The basics

Che cos'è un account temporaneo?

Ogni volta che pubblichi una modifica in Wikipedia o in altri siti ospitati dalla Fondazione Wikimedia senza entrare in un account registrato, si creerà un conto temporaneo per te. A questo account verrà automaticamente dato un nome utente. Un cookie sarà immagazzinato nel tua browser alla creazione dell'account. Questo nome utente sarà utilizzato per attribuire tutte le modifiche posteriori da parte tua, anche se il tuo indirizzo IP cambia. Con un account temporaneo, il tuo indirizzo IP può essere accessibile solo da personale autorizzato e membri della comunità, come descritto nella politica di privacy aggiornata.

See also:

Technical documentation on temporary accounts
The technical information page if your bot or tool needs to differentiate between temporary and permanent account types

Perché abbiamo bisogno di nomi utente?

The license used on the Wikimedia wikis requires each edit to be attributed to a user identifier.

Le persone che creano un account registrato gratuito possono scegliere il loro nomi utente. Le persone che non utilizzano un account registrato ricevono automaticamente un conto temporaneo. In precedenza, le tue modifiche sarebbero dtate attribuite pubblicamente al tuo indirizzo IP, come per esempio Utente:192.0.2.1.

What does a temporary username look like?

~2024-12345-67.

The automatically generated usernames for temporary accounts will begin with a tilde (~) and the year when the first edit was made by that account. The year will be followed by numbers, which will be broken into groups of five digits. Users cannot register normal accounts with usernames that match this pattern.

Why are you working on temporary accounts at all?

We're working on this project for legal reasons. There are risks we can't afford to ignore.

Wikimedians began discussing the exposure of IP addresses as a privacy issue shortly after MediaWiki was developed. For example, there is a thread dating back to 2004. For many years, there was no strong incentive to change this, so the Wikimedia Foundation wasn't working on it. But in the meantime, in many countries, new laws and new standards were introduced. Finally, in 2018, the Foundation's Legal department determined that the indefinite public storage of IP addresses presents serious risks. This includes legal risks to the projects and risks to the users. Today, this project is one of the priorities of the Foundation's leadership.

See also:

Project update from July 2021 with more details about the Legal team's assessment

Why a temporary account is the right solution to the problem?

There are some hard requirements that led to the design of the temporary accounts. Some of them are of legal, and some are of technical nature:

What we are facing	What we have decided to do
One of the founding principles is that people should be able to make most simple edits without registering a permanent account.	Temporary accounts will be created automatically (people won't need to create an account themselves).
Due to legal requirements, edits on the wikis should be attributed to a user identifier other than IP address.	If temporary accounts are enabled on a wiki, an account is created for a user as soon as they commit their first edit. The user is automatically logged in to this account, which is tied to a randomly generated username. This username is displayed in every situation (except for various functionary tools) where IP addresses would have otherwise been displayed.
The identifier that a given not logged-in user's edits are attributed to needs to be stable. Creating a new user for each edit is not an option. Otherwise, there would be a too large rate of new users.	As soon as the temporary account is created, the user is logged in. The cookie has a limited lifetime. Within this duration, if the user decides to make more edits, they are all attributed to the same temporary account. A new one is created if the user decides to log out of the temporary account or otherwise use a different browser. The user retains the same temporary account if they change IP address while using the same device/browser.
The MediaWiki software can't be changed too much. We need to limit novelties to let existing features work unmodified.	A temporary account does not break anything in the way user accounts are handled. Aside from some special case behaviors that are required (such as some features that need to be disabled for temporary accounts), most code is likely to work without unexpected failures.

See also:

Technical details on Phabricator

Is the Wikimedia Foundation monitoring the effect of using temporary accounts on our communities?

As of February 2024, not yet, because temporary accounts haven't been introduced on any wiki yet.

The teams involved in this work are monitoring some "guardrail" metrics. These include how many users get blocked, how many pages get deleted, how many edits get reverted, and the number of requests for assistance from CheckUsers.

Guardrail metrics in detail
{{{2}}}

What if a temporary account holder does something bad and needs to be blocked?

Temporary accounts' IPs will be stored, IP blocks will continue to work, and temporary accounts will be subject to IP blocks.

IP addresses appear in the history of many pages. Will those past uses be modified?

No.

Historical IP addresses that were published on wiki before the switch to temporary accounts will not be modified. The Wikimedia Foundation Legal department has approved this decision.

When will these changes reach my wiki?

As of November 2023, temporary accounts may become available on a test wiki in March 2024.

Bot operators and tool developers are encouraged to test their tools as early as possible.

As of November 2023, the first deployment to a public pilot wiki (e.g., a low-traffic Wikipedia) is expected no earlier than April/May 2024.

Single wiki community questions

What if a community wants to keep using IP addresses?

After temporary accounts become available, displaying IP addresses for subsequent contributions will no longer be permitted. All communities need to prepare for the change to temporary accounts.

Would disallowing or limiting anonymous editing be a good alternative?

No.

In the past, the Wikimedia Foundation has supported research into requiring registration for all editors editing Wikipedia articles. The results have been mixed. We can't say that disabling not logged-in editing of articles is clearly an equally good solution.

Even if it was, we would need to disable not logged-in editing of any page. That would be against a founding principle. (To read more about it, look at the table above.)

Some communities currently have public pages for documenting the activities of some bad actors, including their IP addresses (e.g., Long-term abuse). Will this documentation still be permitted?

Yes.

The communities should treat the IPs of logged in users and temporary account holders the same on the Long-term abuse list. They may list the IP addresses when necessary, but they should refer to the abusers by their temporary account usernames.

See also:

Access to temporary account IP addresses

Can we publicly document the IP addresses used by suspected (but not confirmed) bad actors who are using temporary accounts?

In general, no, but sometimes yes, temporarily.

When possible, patrollers with access to IP addresses should document the temporary account name(s) instead of the IP addresses. The exception is when the IP addresses are necessary for the purpose of protecting the wiki from abusive actions. Necessity should be determined on a case-by-case basis. If a disclosure later becomes unnecessary, then the IP address should be promptly removed.

For example, if a suspected vandal is exonerated during an investigation, then the report showing the user's IP address can be removed through oversight. That way, the IP address is only revealed while it is needed, and then is suppressed later, after it has been shown to not be needed any longer. See the related policy for more information.

Technical details about temporary accounts

Are temporary accounts deployed anywhere? Where can I test it?

Keep in mind that these are testing wikis. Software there may not work as expected.

Quanto dura il mio account temporaneo?

Il tuo account temporaneo funzionerà finché esiste il cookie. Il cookie è attualmente impostato per scadere dopo un anno dalla prima modifica.

Quelle che seguono sono le situazioni più comuni in cui un account temporaneo può essere irrimediabilmente perduto.

Cancelli i cookies nel tuo browser.
Cancelli nel browser il profilo utilizzato quando è stato creato l'account temporaneo.
Hai usato una finestra incognita e la hai chiusa.
Il cookie è scaduto.

Se viene perduto il tuo account temporaneo, si genererà automaticamente un nuovo account temporaneo, con un nuovo nome di utente, la volta successuva in cui pubblichi una modifica. Se desideri un account permanente, puoi creare un account registrato gratuito in qualsiasi momento.

Can't an abuser just clear cookies?

Yes, they can. Temporary accounts are not intended to solve any anti-abuse problems.

We know the problem of abusers making edits through a pool of changing IPs while masking browser agent data. This cannot be solved through temporary accounts. This is not a design goal for this project either. Otherwise, we would need to use trusted tokens, disabling anonymous edits, or fingerprinting, all of which are very involved, complicated measures that have significant community and technical considerations.

However, abuse from a user that clears cookies will be no harder or easier to detect and mitigate than before the rollout of temporary accounts. Tools will be adapted to ensure that bidirectional mappings between temporary accounts and IPs can be safely and efficiently navigated by trusted functionaries.

Come posso accedere al mio account temporaneo? Quale è la password del mio account temporaneo?

È impossibile accedere a un account temporaneo. Non ci sono password per gli account temporanei. L'unica forma di "avviare una sessione" come utente temporaneo è avere il cookie originale vigente che è stato creato quando hi realizzato la prima modifica in quell'account. Puoi accedere al tuo account temporaneo solo dal dispositivo o browser dove è stato creato. Se desideri stabilire una password e avviare una sessione in altri dispositivi, crea un account registrato gratuito.

Che posso fare con il mio account temporaneo?

Il tuo account temporaneo funzionerà in tutte le Wikipedia e altre wiki connesse a SUL ospitate dalla Fondazione Wikimedia.

You should have very similar capabilities as you did while edits were being attributed to IP addresses. This includes editing most articles on the Wikipedias. With the switch to temporary accounts, you will get one new feature. You will be able to receive notifications about messages from other users.

Some actions, such as uploading photos to Commons, are restricted to users with a free registered account. Registered accounts are permanent, provide better privacy protection for you, and offer many preference settings for customization. Registering a permanent account is quick and easy. You do not need an e-mail address to create a free registered account.

Note: When you create a free registered account, the edit history, notifications, and messages in your old temporary account will not be transferred to your new registered account.

Will the temporary username be unique across different wikis?

Yes.

If you see User:~2024-12345-67 at multiple SUL-connected wikis, you can be confident that this is the same account.

Experienced contributor questions and access to IP addresses

Who will be able to see the IP address of temporary accounts?

Stewards, CheckUsers, global sysops, admins, and patrollers who meet qualifying thresholds, as well as certain staff at the Wikimedia Foundation.

There are privacy risks associated with IP addresses. This is why they will be visible only to people who need to have that information for effective patrolling.

I have a qualified account. How can I see the IP addresses?

Go to Special:Preferences and opt in.

Will I need to sign any non-disclosure agreement?

No.

There is the access to nonpublic personal data policy (ANPDP). It is a legal policy from the Wikimedia Foundation about how checkusers and people with certain other roles must protect non-public personal data that they obtain in the course of their duties.

Volunteer admins and patrollers do not need to sign it.

However, you will need to opt-in to access to IP addresses through Special:Preferences at your local wiki.

How will autoblocks work with temporary accounts?

Autoblocks stop vandals and other high-risk users from continuing to disrupt the projects by immediately creating a new account.

Autoblocks for temporary accounts are the same as autoblocks for registered users.

How will editors apply for this new user right?

By default, this will be automatically assigned to eligible users. The only thing you will need to do is to opt-in when it becomes available at your wiki.

However, each wiki can set its own process with standards higher than the minimum, such as a process that requires individual review. The Wikimedia Foundation is not requiring a process equivalent to becoming an admin in the largest communities. Communities may choose to handle these requests via their existing processes, or to set up new pages.

For example, the English Wikipedia may choose to take requests at w:en:Wikipedia:Requests for permissions, and the German-language Wikipedia may choose to handle requests at w:de:Wikipedia:Administratoren/Anfragen, and the Ukrainian Wikipedia may choose to handle requests at w:uk:Вікіпедія:Заявки на права патрульного. Very small communities often take similar requests on their village pump.

My community wants to set higher requirements. How do we do that?

Follow the directions in Access to temporary account IP addresses#Local requirements. Usually, this will mean having a discussion in the local community, documenting the community's decision, and then following the process for Requesting wiki configuration changes.

When will the user right become available? When can we start assigning it?

The user right will likely be added to the MediaWiki software later this year (2023), although it will not initially be useful at all wikis. If they want to, communities that want to use a process requiring individual review can start pre-approving editors at any time.

My wiki has an existing group whose userrights are already higher than the minimum requirements. They would all get this right automatically if we didn't choose to have a separate process. Can we assign this new right to all of them?

So long as all of the users in the group meet or exceed all of the minimum requirements, then it can be assigned to an existing group. Future members of that group will need to meet or exceed all of the minimum requirements.

The minimum requirements for non-admins are too low

Any community may choose to set higher standards. For example, some communities might choose to restrict this user right only to people who meet all of the minimum requirements plus have additionally been actively involved in anti-vandalism work. Others may choose to remove the permission sooner than required or to require periodic re-confirmation.

The minimum requirements for non-admins are too high

This may occasionally be true, such as when a wiki is newly created. In such cases, someone at that wiki needs to request an exception from the Wikimedia Foundation Legal Department. Contact privacywikimedia.org with an explanation of the situation in your community.

I meet the minimum requirements for automatic access, but my community requires individual review, and they denied my request!

Whether to grant this user right to someone who meets the minimum requirement is entirely up to the local community. No one is required to give you this user right.

I'm an admin, but I don't want this user right

You won't be able to see any of this information unless you click to accept the agreement.

I believe that someone is misusing this information

Please report privacy-related concerns to the ombuds commission. To ensure accountability, logs are kept of tool usage and of which users have access to the tool.

Other concerns about potential misuse may be brought to a steward by placing a request on m:Steward requests/Permissions#Removal of access. Stewards are authorized to block a user’s access to IP addresses if they determine that misuse occurred. This will prevent access even if the user would be automatically eligible or has been granted access through a community process.