Fæ wrote:
Do any of the volunteers contributing to this list have ideas for changes that may make a significant difference to security?
When you log in, you're given a user session. This session, along with
local Web browser HTTP cookies, allows you to stay logged in and
authenticated as you browse and edit a wiki. We've previously discussed
the ability for a user to see all of his or her account's active sessions,
similar to what other sites (GitHub, Facebook, Google) already allow.
This type of interface lets a user see his or her own active sessions,
originating IP addresses and User-Agent strings, and sometimes the
interface allows destroying all or some sessions (e.g., if you see a
session from the time you logged in to a friend's computer). This type of
interface can also be used, for better or worse, to track typical behavior
of the user, so that if a user often logs in from a specific IP address
range (e.g., their home computer in the UK), a user session that comes
from a vastly different IP address range (e.g., a mobile device in
Australia) can be flagged and reported to the user. Or, in the case of
two-factor authentication, a "suspicious" login attempt can be required to
go through additional verification. These types of systems are common for
Gmail accounts and some credit card accounts.
Regarding a user seeing a list of his or her own active sessions and
corresponding information, there was, and there likely still is,
considerable opposition to this idea. It's akin to a "self-CheckUser"
feature (which I think we should separately support) and there were
concerns that we would help vandals, sockpuppets, and other bad users.
Some links:
* https://www.mediawiki.org/wiki/?curid=117743
* https://www.mediawiki.org/wiki/?curid=156161
* https://phabricator.wikimedia.org/T387
* https://phabricator.wikimedia.org/T29242
MZMcBride
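A sketch of the mechanism discussed in the message above (a per-account list of active sessions with IP and User-Agent, revoking some or all of them, and flagging a login from an unfamiliar IP range), as added example code that is not from this thread or from MediaWiki. The SessionRegistry class, the /16 and /48 "range" granularity and the MIN_HISTORY threshold are assumptions made for the example.

```python
import ipaddress
import secrets
from dataclasses import dataclass


@dataclass
class Session:
    token: str        # opaque session id that would live in the browser cookie
    ip: str           # originating IP address
    user_agent: str   # User-Agent string as seen at login
    flagged: bool     # True when the login came from a network not seen before


def _network(ip: str) -> str:
    """Coarse 'IP address range' used for familiarity: /16 for IPv4, /48 for IPv6 (assumed)."""
    addr = ipaddress.ip_address(ip)
    prefix = 16 if addr.version == 4 else 48
    return str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False))


class SessionRegistry:
    """In-memory stand-in for a wiki's session store (hypothetical, not MediaWiki's)."""

    MIN_HISTORY = 3  # do not flag until the account has some login history to compare against

    def __init__(self) -> None:
        self._sessions: dict[str, dict[str, Session]] = {}   # user -> {token: Session}
        self._history: dict[str, dict[str, int]] = {}        # user -> {network: login count}

    def login(self, user: str, ip: str, user_agent: str) -> Session:
        seen = self._history.setdefault(user, {})
        net = _network(ip)
        # "Vastly different range": a network this account has never logged in from before.
        flagged = sum(seen.values()) >= self.MIN_HISTORY and net not in seen
        seen[net] = seen.get(net, 0) + 1
        session = Session(secrets.token_hex(16), ip, user_agent, flagged)
        self._sessions.setdefault(user, {})[session.token] = session
        return session

    def active_sessions(self, user: str) -> list[Session]:
        """What a 'self-CheckUser' style page would show the account owner."""
        return list(self._sessions.get(user, {}).values())

    def destroy(self, user: str, token: str) -> bool:
        """Revoke one session; returns False if it was not active."""
        return self._sessions.get(user, {}).pop(token, None) is not None

    def destroy_all_except(self, user: str, keep: str) -> int:
        """Log out everywhere else, e.g. after using a friend's computer; returns the count revoked."""
        mine = self._sessions.get(user, {})
        doomed = [t for t in mine if t != keep]
        for t in doomed:
            del mine[t]
        return len(doomed)
```

A real deployment would also notify the user of a flagged login or route it through additional verification, which this sketch leaves to the caller.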