In terms of external authentication, we need Extension:OpenID to catch up to the OpenID
standard in order to do that.
In terms of two-factor, I have like eight patches for Extension:OATHAuth attempting to
make it production-worthy.
https://gerrit.wikimedia.org/r/132783
--
Tyler Romeo
0x405D34A7C86B42DF
From: svetlana <svetlana(a)fastmail.com.au>
Reply: Wikimedia developers <wikitech-l(a)lists.wikimedia.org>>
Date: August 6, 2014 at 7:57:12
To: wikitech-l(a)lists.wikimedia.org <wikitech-l(a)lists.wikimedia.org>>
Subject: Re: [Wikitech-l] News about stolen Internet credentials; reducing Wikimedia
reliance on usernames and passwords
On Wed, 6 Aug 2014, at 21:49, Andre Klapper wrote:
On Tue, 2014-08-05 at 22:05 -0700, Pine W wrote:
After reading this [1] I am wondering if
Wikimedia should start taking
steps to reduce reliance on usernames and passwords.
What "steps" do you refer to, or is this intentionally vague?
Disallowing usernames and logins?
Two-step authentication/verification?
Something else?
andre
from what i could read and parse:
use less of external things like skype and google accounts
so that there is only 1 username for everything
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l