Reinventing the wheel is not a good idea; choosing an existing and active open source project and taking part in its development is cheaper and more sustainable. Phabricator is a good example.

Vito
2016-11-14 11:45 GMT+01:00 Fæ <faewik(a)gmail.com>:
Task: https://phabricator.wikimedia.org/T150646 - A Wikimedia hosted two-factor authentication app

I agree there are issues, and the help files would need a lot more work before a wider roll-out. The current advice[1] is too open ended, and many users randomly searching for two-factor authentication apps (or browser plug-ins) will end up using Google's, or a supplier with no track record, or even some other app with commercial adverts.

Open source solutions are around, like Authy[2] (which is what I'm using). There is nothing to stop the WMF from hosting a build using current open source code, and even making it available on Google Play, with the option of customizing it in useful ways later on. For these reasons I've kicked off the task above for the WMF to consider hosting an app.

Links:
1. https://meta.wikimedia.org/wiki/Help:Two-factor_authentication
2. https://github.com/authy
On 14 November 2016 at 08:05, Gnangarra <gnangarra(a)gmail.com> wrote:
I see this as not solving problems but creating barriers to participation:
- one is the complexity of the process https://meta.wikimedia.org/wiki/Help:Two-factor_authentication. The more complicated the systems, the more opportunity for failures, more points of access where data can be compromised, and on the flip side the easier it is for people to be locked out,
- it's using a 3rd party; no matter how good the system of the third party, why should I be using anything other than the WMF system to login? My connection is with the WMF. Who is responsible if the connection is compromised or my data misused by the third party? Regardless of which third party is used, they need to know your user details to complete the loop in the authentication.
- an authentication app is just inviting people to attempt to compromise the account, as you have already given them part of the process should you lose your device.

What I see could be a technical benefit has a dark side that is enabling additional parties to monitor our activities, even compromise them. I think that "security" card is being played poorly here, as anonymity in editing is something we have always respected; the 3rd party participation in authentication appears to be stripping that away. Google and like-minded commercial companies only provide these free tools to gather data for their own internal uses, to enable them to better target the advertising that they sell.
On 14 November 2016 at 08:10, Craig Franklin <cfranklin(a)halonetwork.net> wrote:
> This is really excellent. Thank you!
>
> Cheers,
> Craig
>
> On 13 November 2016 at 01:46, Steinsplitter Wiki <steinsplitter(a)wikipedia.de> wrote:
>
> > https://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard#Two-Factor_Authentication_now_available_for_admins
> >
> > ________________________________
> > From: Wikimedia-l <wikimedia-l-bounces(a)lists.wikimedia.org> on behalf of Amir Ladsgroup <ladsgroup(a)gmail.com>
> > Sent: Saturday, 12 November 2016 15:37
> > To: Wikimedia Mailing List
> > Subject: Re: [Wikimedia-l] How should security of Wikimedia accounts be better?
> >
> > Emphasizing this part of my message: "'Google Authenticator' *or similar ones.*"
> >
> > On Sat, Nov 12, 2016 at 6:04 PM Vi to <vituzzu.wiki(a)gmail.com> wrote:
> >
> > > Actually I consider the Google account linked to my mobile phone to be sensitive :|
> > >
> > > Also lots of people might have no compatible devices.
> > >
> > > Vito
> > >
> > > 2016-11-12 15:30 GMT+01:00 Amir Ladsgroup <ladsgroup(a)gmail.com>:
> > >
> > > > There is no need to store a phone number at all.
> > > > You need to install an app called "Google Authenticator" or similar ones. Then you scan a QR code from a special page in Wikipedia. Then every time you want to login, you need to give username, password and a short-lived token the app gives you. See this for more details:
> > > > https://lists.wikimedia.org/pipermail/labs-announce/2016-March/000104.html
> > > >
> > > > On Sat, Nov 12, 2016 at 5:38 PM Fæ <faewik(a)gmail.com> wrote:
> > > >
> > > > Good point Vito,
> > > >
> > > > I agree that mobile numbers are personal information. However, my understanding of the two-factor process would be that it can be set up so that mobile numbers are *guaranteed* to never be logged or archived and only stored in a constrained way for a verification number to be issued. There are various ways of getting two-factor processes to work, so methods that do not rely on mobile numbers may suit volunteers that are worried about sending their mobile phone number to any server in the USA, where there are always questions about secret access and storage for government agencies.
> > > >
> > > > We can require that guarantees are given and transparently assured for how any personal information like this is handled by WMF implemented software. It could even be an area that requires legally meaningful assurance, or local processing to avoid, say, Europeans sending any personal data to the USA. ;-)
> > > >
> > > > Fae
> > > >
> > > > On 12 November 2016 at 13:53, Vi to <vituzzu.wiki(a)gmail.com> wrote:
> > > > > My phone number is something I consider highly sensitive. Linking this kind of data to my online identity would be an unacceptable risk for me.
> > > > >
> > > > > Vito
> > > > >
> > > > > 2016-11-12 13:37 GMT+01:00 Amir Ladsgroup <ladsgroup(a)gmail.com>:
> > > > >
> > > > >> As far as I know 2FA is already implemented and mandatory for WMF staff accounts and wikitech accounts. https://phabricator.wikimedia.org/T107605
> > > > >>
> > > > >> I emphasized having 2fa for CUs, oversights and others with private data access: https://phabricator.wikimedia.org/T107605#2570342
> > > > >> Not sure what's blocking this.
> > > > >>
> > > > >> Best
> > > > >>
> > > > >> On Sat, Nov 12, 2016 at 3:57 PM Craig Franklin <cfranklin(a)halonetwork.net> wrote:
> > > > >>
> > > > >> > I know it's been said many times, but two-factor authentication, mandatory for accounts with advanced privileges and optionally available for everyone else, would seem to be a logical step. It's not foolproof, but it would go a long way to making us less of a soft target.
> > > > >> >
> > > > >> > Cheers,
> > > > >> > Craig
> > > > >> >
> > > > >> > On 12 November 2016 at 22:22, Fæ <faewik(a)gmail.com> wrote:
> > > > >> >
> > > > >> > > Do any of the volunteers contributing to this list have ideas for changes that may make a significant difference to security?
> > > > >> > >
> > > > >> > > Yesterday saw Jimmy Wales' Wikipedia account getting hacked, in the process appearing to promote an organisation.[1] It was not the only account compromised. This is being analysed, though as there are security issues being examined, the analysis has not been made public so far; plus it's the weekend :-)
> > > > >> > >
> > > > >> > > Over the last few years, there have been improvements on account set-up and choice of passwords, along with user suggestions for better account management. Users can also choose to use committed identities[2] to make account recovery easier, and are encouraged to use more secure passwords. Two-factor authentication,[3] such as using mobile phone text messages, has been suggested a few times by volunteers, and this might be a good moment to encourage the WMF to have better facilities built into the projects. We could even make two-factor identification a requirement for trusted users, such as administrators, important bots, and "high profile" accounts, where they may have special rights that could cause a fair amount of disruption if a hacked account were not identified quickly. Considering that some administrator accounts can lie dormant for many months without the actual user monitoring it, these could end up being far more disruptive than well-watched accounts like Jimmy's.
> > > > >> > >
> > > > >> > > We may want extra security to remain mostly optional, keeping our projects simple to access. Education of new volunteers and trusted users may be critical for making it effective, such as avoiding social hacking. A clearer understanding of what the community would want to see improved would probably help set development priorities.
> > > > >> > > Template:Committed_identity
> > > > >> > > Multi-factor_authentication
> > > > >> > >
> > > > >> > > Thanks,
> > > > >> > > Fae
> > > > >> > > --
> > > > >> > > faewik(a)gmail.com https://commons.wikimedia.org/wiki/User:Fae
> > > > >> > >
> > > > >> > > _______________________________________________
> > > > >> > > Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
> > > > >> > > New messages to: Wikimedia-l(a)lists.wikimedia.org
> > > > >> > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
> > > > --
> > > > faewik(a)gmail.com https://commons.wikimedia.org/wiki/User:Fae
> > > >
--
GN.
President Wikimedia Australia
WMAU: http://www.wikimedia.org.au/wiki/User:Gnangarra
Photo Gallery: http://gnangarra.redbubble.com
--
faewik(a)gmail.com https://commons.wikimedia.org/wiki/User:Fae
Personal and confidential, please do not circulate or re-quote.