This template is used on approximately 3,100 pages and changes may be widely noticed. Test changes in the template's /sandbox or /testcases subpages, or in your own user subpage. Consider discussing changes on the talk page before implementing them.
Preview message: Transclusion count updated automatically (see documentation). |
This template uses TemplateStyles: |
This template gives you a way to later prove that you are the person who was in control of your account on the day this template was placed. This is done by putting a code (called a "hash") on your user page so that, in the event that your account is compromised, you can convince someone else that you are really the person behind your username.
The intended use of this template is to help in the hopefully unlikely event that your account is compromised. If you published your real-life identity, then that identity could be used to reestablish contact with you if your account were compromised; keep in mind, in this scenario contact could not be established with you through your account, since it may be under the control of someone else. However, many Wikipedia users do not disclose their real-life identities, or disclose little enough of them that it may be difficult to establish their identity.
This is not a replacement for having a strong password, nor for registering an email address for your account. You should still do everything you can to prevent your account being compromised, including using a strong password and remembering to log yourself out when using a computer to which others may have access. If you have one, it may also be helpful to post your PGP public key. But even with the best of precautions, your account could become compromised, for instance, via a trojan horse or a brute-force attack on your password. This is intended to be a last resort.
The idea is to use cryptographic hashes; you choose a secret string known only to yourself, put it through a one-way hash function, and publish the result somewhere. It is infeasible to determine the secret string corresponding to the hash; hence, an attacker compromising an account presumably would not be able to supply the secret string.
{{Committed identity|hash|hash function used|background=CSS color|border=CSS color|article=grammatical article for the hash function}}
Italicized text should be replaced with appropriate input, or its parameter should be removed. Parameters are represented by "parameter=value", and separated by vertical bars |.
For example, if your hash is "1eb00f7cdeaa38f5e9aec8f065b956acf94d416a4a40c1fb5d1dd23b857ba6fe" using SHA-256, and you want a light orange box with a black border, use the following code:
{{Committed identity|1eb00f7cdeaa38f5e9aec8f065b956acf94d416a4a40c1fb5d1dd23b857ba6fe|SHA-256|background=#FC9|border=#000}}
to produce
Use Fastily's browser tool or software on your computer such as sha512sum
provided in the GNU Core Utilities. The use of other online hash generators is not recommended, as they are outside Wikipedia's control and should not be trusted with your secret string.
Full name, multiple forms of contact, contact information for trusted friends, and a random string:
Joe Schmoe. [email protected]. 555-123-3456. P.O. Box 1234, San Jose, CA. My best friend Bob's email: [email protected]. fFfwq0DuDmMXj8hYTM3NTKeDhk
For a simpler way of choosing a string, you can use a passphrase, as illustrated in this XKCD comic or a Diceware method. The passphrase should be something easy for you to remember, but hard for someone else to guess like an inside joke or a secret. As usual, the longer the passphrase, the more secure it is. With the Diceware method, at one trillion guesses per second, a 4-word passphrase can be cracked in half an hour, a 5-word passphrase in 6 months, a 6-word passphrase in 3500 years and a 7-word passphrase in 27 million years. If you come up with your own passphrase, it will be less secure because some words are more likely to be paired with others (e.g. You is often followed by are, but rarely by cytoplasm). You are also more likely to use common words (my, you, are, and, the, of) than obscure ones (agastopia, erinaceous, impignorate, kakorrhaphiophobia).
These examples would be good if they had not already been published here (and elsewhere), so don't use any of these exact ones (or simple variants) - this is just to illustrate some formats of good passphrases.
correct horse battery staple
Who you gonna call? Ghost don't exist you nutjob!
I actually like Battlefield Earth.
My name is Bob.
I was born in 1982.
Anyone who wishes to get a password reset through the Committed Identity process should exhaust other options first. There is not a routine process for resetting passwords, and calling for a committed identity password reset will take time and the agreement of several humans who will discuss the case.
Before the Committed Identity process, confirm that you still know your passphrase by inputting your passphrase through any safe tool to get your confirmed identity. After you confirm your own passphrase, now make the request. When you make the request, follow the guidance at Help:Logging in § What if I forget my password? which as of December 2022[ref] recommends emailing cawikimedia.org for advice and not to publicly mention the secret string.
Code | Result | Transclusions | ||
---|---|---|---|---|
{{User:Anomie/Userbox committed identity|...}} |
|
Transclusions | ||
{{User:Urdna/CIDuserbox}} |
|
Usage | ||
{{Template:User CID}} |
|
Usage |