On Thu, Dec 6, 2018 at 12:51 PM James Hare <jhare(a)wikimedia.org> wrote:
Since this is the Cloud mailing list, I would like to know if these requirements will
also apply to Wikitech, which has a kind of unique setup as far as Wikimedia wikis go.
Thank you,
James Hare
> On Dec 6, 2018, at 8:34 PM, Chris Koerner <ckoerner(a)wikimedia.org> wrote:
>
> The Wikimedia Foundation security team is implementing a new password
> policy and requirements. [0] You can learn more about the project on
>
MediaWiki.org. [1]
>
> These new requirements will apply to new accounts and privileged
> accounts. New accounts will be required to create a password with a
> minimum length of 8 characters. Privileged accounts will be prompted
> to update their password to one that is at least 10 characters in
> length.
>
> These changes are planned to be in effect on December 13th. If you
> think your work or tools will be affected by this change, please let
> us know on the talk page. [2]
>
> [0]
https://meta.wikimedia.org/wiki/Password_policy
> [1]
https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Password_strengtheniā¦
> [2]
https://www.mediawiki.org/wiki/Talk:Wikimedia_Security_Team/Password_strengā¦
I do not speak for Chris or the Foundation's Security team, but the
configuration for wikitech is largely the same as the configuration
for the main project wikis. The only substantial difference in the
authentication configuration for wikitech is that it uses an LDAP
directory for backing storage rather than CentralAuth. I would expect
that the password policy will be applied to wikitech accounts in the
same way that it is applied on the project wikis.
Bryan
--
Bryan Davis Wikimedia Foundation <bd808(a)wikimedia.org>
[[m:User:BDavis_(WMF)]] Manager, Technical Engagement Boise, ID USA
irc: bd808 v:415.839.6885 x6855