Reinventing the wheel is not a good idea; choosing an existing and active open source project and taking part in its development is cheaper and more sustainable. Phabricator is a good example.

Vito
2016-11-14 11:45 GMT+01:00 Fæ <faewik@gmail.com>:
Task: https://phabricator.wikimedia.org/T150646 - A Wikimedia hosted two-factor authentication app

I agree there are issues, and the help files would need a lot more work before a wider roll-out. The current advice[1] is too open-ended, and many users randomly searching for two-factor authentication apps (or browser plug-ins) will end up using Google's, or a supplier with no track record, or even some other app with commercial adverts.

Open source solutions are around, like Authy[2] (which is what I'm using). There is nothing to stop the WMF from hosting a build using current open source code, and even making it available on Google Play, with the option of customizing it in useful ways later on. For these reasons I've kicked off the task above for the WMF to consider hosting an app.

Links:
On 14 November 2016 at 08:05, Gnangarra <gnangarra@gmail.com> wrote:

I see this as not solving problems but creating barriers to participation:

- one is the complexity of the process https://meta.wikimedia.org/wiki/Help:Two-factor_authentication - the more complicated the systems, the more opportunity for failures, more points of access where data can be compromised, and on the flip side the easier it is for people to be locked out,
- it's using a 3rd party; no matter how good the system of the third party, why should I be using anything other than the WMF system to log in? My connection is with the WMF. Who is responsible if the connection is compromised or my data misused by the third party? Regardless of which third party is used, they need to know your user details to complete the loop in the authentication.
- an authentication app is just inviting people to attempt to compromise the account, as you have already given them part of the process should you lose your device.

What I see could be a technical benefit has a dark side: it enables additional parties to monitor our activities, even compromise them. I think that "security" card is being played poorly here, as anonymity in editing is something we have always respected, and the 3rd party participation in authentication appears to be stripping that away. Google and like-minded commercial companies only provide these free tools to gather data for their own internal uses, to enable them to better target the advertising that they sell.
On 14 November 2016 at 08:10, Craig Franklin <cfranklin@halonetwork.net> wrote:

This is really excellent. Thank you!

Cheers,
Craig
On 13 November 2016 at 01:46, Steinsplitter Wiki <steinsplitter@wikipedia.de> wrote:

https://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard#Two-Factor_Authentication_now_available_for_admins
From: Wikimedia-l <wikimedia-l-bounces@lists.wikimedia.org> on behalf of Amir Ladsgroup <ladsgroup@gmail.com>
Sent: Saturday, 12 November 2016 15:37
To: Wikimedia Mailing List
Subject: Re: [Wikimedia-l] How should security of Wikimedia accounts be better?
Emphasizing this part of my message: "'Google Authenticator' *or similar ones.*"
On Sat, Nov 12, 2016 at 6:04 PM Vi to <vituzzu.wiki@gmail.com> wrote:

Actually I consider to be sensitive the Google account linked to my mobile phone :|
Also lots of people might have no compatible devices.

Vito
2016-11-12 15:30 GMT+01:00 Amir Ladsgroup <ladsgroup@gmail.com>:

There is no need to store a phone number at all. You need to install an app called "Google Authenticator" or similar ones. Then you scan a QR code from a special page in Wikipedia. Then every time you want to log in, you need to give username, password and a short-lived token the app gives you. See this for more details:
March/000104.html
On Sat, Nov 12, 2016 at 5:38 PM Fæ <faewik@gmail.com> wrote:

Good point Vito,

I agree that mobile numbers are personal information. However, my understanding of the two-factor process would be that it can be set up so that mobile numbers are *guaranteed* to never be logged or archived and only stored in a constrained way for a verification number to be issued. There are various ways of getting two-factor processes to work, so methods that do not rely on mobile numbers may suit volunteers that are worried about sending their mobile phone number to any server in the USA, where there are always questions about secret access and storage for government agencies.

We can require that guarantees are given and transparently assured for how any personal information like this is handled by WMF implemented software. It could even be an area that requires legally meaningful assurance, or local processing to avoid, say, Europeans sending any personal data to the USA. ;-)

Fae
On 12 November 2016 at 13:53, Vi to <vituzzu.wiki@gmail.com> wrote:
> My phone number is something I consider highly sensitive. Linking this kind of data to my online identity would be an unacceptable risk for me.
>
> Vito
>
> 2016-11-12 13:37 GMT+01:00 Amir Ladsgroup <ladsgroup@gmail.com>:
>
>> As far as I know 2FA is already implemented and mandatory for WMF staff accounts and wikitech accounts. https://phabricator.wikimedia.org/T107605
>>
>> I emphasized on having 2fa for CUs, oversights and others with private data access: https://phabricator.wikimedia.org/T107605#2570342
>> Not sure what's blocking this.
>>
>> Best
>>
>> On Sat, Nov 12, 2016 at 3:57 PM Craig Franklin <cfranklin@halonetwork.net> wrote:
>>
>> > I know it's been said many times, but two-factor authentication, mandatory for accounts with advanced privileges and optionally available for everyone else, would seem to be a logical step. It's not foolproof, but it would go a long way to making us less of a soft target.
>> >
>> > Cheers,
>> > Craig
>> >
>> > On 12 November 2016 at 22:22, Fæ <faewik@gmail.com> wrote:
>> >
>> > > Do any of the volunteers contributing to this list have ideas for changes that may make a significant difference to security?
>> > >
>> > > Yesterday saw Jimmy Wales' Wikipedia account getting hacked, in the process appearing to promote an organisation.[1] It was not the only account compromised. This is being analysed, though as there are security issues being examined, the analysis has not been made public so far; plus it's the weekend :-)
>> > >
>> > > Over the last few years, there have been improvements on account set-up and choice of passwords, along with user suggestions for better account management. Users can also choose to use committed identities[2] to make account recovery easier, and are encouraged to use more secure passwords. Two-factor authentication,[3] such as using mobile phone text messages, has been suggested a few times by volunteers, and this might be a good moment to encourage the WMF to have better facilities built into the projects. We could even make two-factor identification a requirement for trusted users, such as administrators, important bots, and "high profile" accounts, where they may have special rights that could cause a fair amount of disruption if a hacked account were not identified quickly. Considering that some administrator accounts can lie dormant for many months without the actual user monitoring it, these could end up being far more disruptive than well-watched accounts like Jimmy's.
>> > >
>> > > We may want extra security to remain mostly optional, keeping our projects simple to access. Education of new volunteers and trusted users may be critical for making it effective, such as avoiding social hacking. A clearer understanding of what the community would want to see improved would probably help set development priorities.
>> > >
>> > > Links
>> > > 1. https://en.wikipedia.org/wiki/User_talk:Jimbo_Wales#Compromised
>> > > 2. https://en.wikipedia.org/wiki/Template:Committed_identity
>> > > 3. https://en.wikipedia.org/wiki/Multi-factor_authentication
>> > >
>> > > Thanks,
>> > > Fae
>> > > --
>> > > faewik@gmail.com https://commons.wikimedia.org/wiki/User:Fae
>> > >
>> > > _______________________________________________
>> > > Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
>> > > New messages to: Wikimedia-l@lists.wikimedia.org
>> > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
--
faewik@gmail.com https://commons.wikimedia.org/wiki/User:Fae
--
GN.
President Wikimedia Australia
WMAU: http://www.wikimedia.org.au/wiki/User:Gnangarra
Photo Gallery: http://gnangarra.redbubble.com
--
faewik@gmail.com https://commons.wikimedia.org/wiki/User:Fae
Personal and confidential, please do not circulate or re-quote.