On Thu, May 15, 2014 at 9:20 PM, Quim Gil <qgil(a)wikimedia.org> wrote:
There are good reasons to plan for Wikimedia SUL only
(consistency with the
rest of Wikimedia projects), and there are good reasons to plan for other
providers as well (the easiest path for most first-time contributors).
If there's a problem with SUL/centralauth and you can't log in either
to the wikis or to phabricator then how do we report/track that issue?
(I'm a bit less worried about the case where SSO/federated auth breaks
but wiki login is still working.)
Also, have we considered two factor auth (2fa)? or are there some
users (security bugs?) that should have different requirements than
other users?
What do you think? Should we offer alternatives to
Wikimedia login? If so,
which ones?
I'm not sure about whether to open to any service under the sun. Would
need to be sure that users are very clear about what happens if their
choice of auth service is compromised or their account their is
compromised or service decides to shut down.
-Jeremy