Also.... There's no reason an app or website needs to have a password, to have a password-less authentication, they would just have a single-factor authentication on "something you have".
In this setup, if you were to enable 2-factor authentication, you would then provide "something you know" (i.e. a password).
I've noticed a growing trend to get rid of passwords in the industry because, it's not a very good user experience and it's not a very good security practice either And honestly, it's not a terrible idea, I don't have to remember a password to get into my home or car, I just have to have a key.
On Wed, May 2, 2018 at 8:58 AM, David Barratt dbarratt@wikimedia.org wrote:
2 Factor Authentication can be broken up like this:
- Something you have
- Something you know
The "something you have" can be anything in your possession, this could be hard things like a U2F https://en.wikipedia.org/wiki/Universal_2nd_Factor device, a smartphone, or soft things like a phone number or an email address.
The "something you know" is something that can be stored inside your head, which is almost always a password or pin number of some kind.
So since the mobile app (or any mobile app for that matter) still requires something you have and something you know, it is still 2 factors.
See more: https://en.wikipedia.org/wiki/Multi-factor_authentication
On Wed, May 2, 2018 at 6:10 AM, Josephine Lim josephinelim86@gmail.com wrote:
Hi Daniel,
Happy to hear that you like the new features! :)
Re: 2FA logins, that is an interesting question! However, it is not one that is unique to our app, for if you log in to your 2FA-enabled Wikimedia account on your mobile phone's browser, both factors can also be on the same mobile device. ;) Perhaps someone more well-versed in security/authentication than I am could be better placed to answer that question.
Point noted re: the CCs, thanks!
Best regards, Josephine
On 2 May 2018 at 06:10, wikitech-l-request@lists.wikimedia.org wrote:
Message: 3 Date: Tue, 1 May 2018 13:10:15 -0700 From: Daniel Zahn dzahn@wikimedia.org To: Wikimedia developers wikitech-l@lists.wikimedia.org Subject: Re: [Wikitech-l] Commons app - version 2.7 release Message-ID: <CAERT87qNE20Yh7NNX5u_nCeiuy7Hqy6GHfd=xm1Cwym2Jtjqbw @mail.gmail.com> Content-Type: text/plain; charset="UTF-8"
- New "Nearby places that need pictures" UI with direct uploads (and
associated category suggestions) -
Woohoo. That's exactly what i was always missing and was so great about
the
old WikiLovesMonuments app.
Thank you very much!
Enabled two-factor authentication login
Also very nice, just wondering what the second factor is on mobile,
since
usually that's a mobile app as well. Does that still make it 2 factors?
P.S. Crossposting to multiple mailing lists at once with CC: can be
tricky,
maybe better send a separate mail to each.
Subject: Digest Footer
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
End of Wikitech-l Digest, Vol 178, Issue 2
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l