Do you have anything specific in mind? Hard to say how feasible something is/evaluate without being more specific.
Most non-password alternatives that I can think of (e.g. Having public private key pairs or something) have the problem that they can't really be integrated well enough into a web browser based environment that folks other than the most technical of users find them an acceptable burden.
--bawolff On 8/7/14, Pine W wiki.pine@gmail.com wrote:
I think we should start looking at alternative authentication systems especially for high risk accounts. There are several variations on the theme of one-time passwords that I think could bd explored.
Pine On Aug 6, 2014 11:05 PM, "Brian Wolff" bawolff@gmail.com wrote:
On Aug 6, 2014 8:57 AM, "svetlana" svetlana@fastmail.com.au wrote:
On Wed, 6 Aug 2014, at 21:49, Andre Klapper wrote:
On Tue, 2014-08-05 at 22:05 -0700, Pine W wrote:
After reading this [1] I am wondering if Wikimedia should start
taking
steps to reduce reliance on usernames and passwords.
What "steps" do you refer to, or is this intentionally vague? Disallowing usernames and logins? Two-step authentication/verification? Something else?
andre
from what i could read and parse: use less of external things like skype and google accounts so that there is only 1 username for everything
The solution to stolen credentials is to combine all credentials so that a single credential can control everything?
--bawolff _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l