Commons:Bots/Secure login
Bot operators are encouraged to use secure login methods such as OAuth or BotPassword, especially when running the bots on shared environment such as Toolforge.
Secure login methods
[edit]BotPassword
[edit]Bot passwords allow access to a bot account via the API, but not via the Weblogin, without using the account's main login credentials. The user rights available when logged in with a bot password may be restricted. OAuth is more secure than bot passwords and should be preferred whenever the bot supports it.
Bot passwords are shared, you need to create the password only on your local Wiki, but if you want to use them in a different Wiki, log in with the Weblogin and visit any page in that Wiki.
OAuth
[edit]OAuth allow access to a bot account via the API, but not via the Weblogin, without using the account's main login credentials. The user rights available when logged in with a OAuth may be restricted.
- m:Special:OAuthConsumerRegistration/propose (using an owner-only consumers)
- If you use Pywikibot see mw:Manual:Pywikibot/OAuth
Bot with special privileges
[edit]It is highly suggested for adminbots and bots with other special privileges (license reviewer) to use one of the aforementioned login methods and restrict permission/access only to needed permissions.
- Bots
Bot | Login method | Permission |
---|---|---|
AnankeBot | Unknown | license review |
CommonsDelinker | BotPassword | sysop |
KrinkleBot | BotPassword | sysop |
FlickreviewR 2 | BotPassword | license review |
Faebot | OAuth | license review |
Hazard-Bot | Unknown | license review |
INaturalistReviewBot | Unknown | license review |
JarektBot | Unknown | license review |
JoRobot | Unknown | license review |
LicenseReviewerBot | Unknown | license review |
MDanielsBot | Unknown | license review |
Open Access Media Importer Bot | Unknown | license review |
Wiki-Bot | Unknown | license review |
タチコマ robot | Unknown | license review |