On Thursday, August 7, 2014, Brian Wolff <bawolff(a)gmail.com> wrote:
Do you have anything specific in mind? Hard to say how
feasible
something is/evaluate without being more specific.
Most non-password alternatives that I can think of (e.g. Having public
private key pairs or something) have the problem that they can't
really be integrated well enough into a web browser based environment
that folks other than the most technical of users find them an
acceptable burden.
--bawolff
I've long wondered about that. Are there really no browser based public key
based solutions? Are there any fundamental reasons why that is like that
other than that it never got implemented, or never became popular?
It seems like the "right" solution for the password problem.
-Martijn
> On 8/7/14, Pine W <wiki.pine(a)gmail.com <javascript:;>> wrote:
> > I think we should start looking at alternative authentication systems
> > especially for high risk accounts. There are several variations on the
> > theme of one-time passwords that I think could bd explored.
> >
> > Pine
> > On Aug 6, 2014 11:05 PM, "Brian Wolff" <bawolff(a)gmail.com
<javascript:;>>
> wrote:
> >
> >> On Aug 6, 2014 8:57 AM, "svetlana" <svetlana(a)fastmail.com.au
> <javascript:;>> wrote:
> >> >
> >> > On Wed, 6 Aug 2014, at 21:49, Andre Klapper wrote:
> >> > > On Tue, 2014-08-05 at 22:05 -0700, Pine W wrote:
> >> > > > After reading this [1] I am wondering if Wikimedia should
start
> >> taking
> >> > > > steps to reduce reliance on usernames and passwords.
> >> > >
> >> > > What "steps" do you refer to, or is this intentionally
vague?
> >> > > Disallowing usernames and logins?
> >> > > Two-step authentication/verification?
> >> > > Something else?
> >> > >
> >> > > andre
> >> >
> >> > from what i could read and parse:
> >> > use less of external things like skype and google accounts
> >> > so that there is only 1 username for everything
> >> >
> >> >
> >>
> >> The solution to stolen credentials is to combine all credentials so
> that a
> >> single credential can control everything?
> >>
> >
--bawolff
>
>> _______________________________________________
> >> Wikitech-l mailing list
> >> Wikitech-l(a)lists.wikimedia.org <javascript:;>
> >>
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
> > _______________________________________________
> > Wikitech-l mailing list
> > Wikitech-l(a)lists.wikimedia.org <javascript:;>
> >
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l(a)lists.wikimedia.org <javascript:;>
>
https://lists.wikimedia.org/mailman/listinfo/wikitech-l