There is no point in providing options that virtually
no one will use.
It wastes the effort of all the people who have the maintain the
relevant code, and it's yet more distraction on our already
way-too-bloated preferences page. And it will not be useful to anyone
when someone turns on the preference by mistake and can now no longer
log in because they gave a phone number that doesn't receive SMS, or
whatever. When few enough people want a preference that more people
are likely to turn it on by mistake than deliberately, and when
there's significant harm or confusion from turning it on by mistake,
that's a sign that it's a bad preference. (See also: "Use external
editor".)
Do you think that more than 0.01% of Wikimedia users will enable any
such preference if provided?
World of Warcraft provides RSA cards to their users. People use them. I
think some of the same people that use the SSL secured login would also opt
to use a more secure method of authentication. I think this is especially
the case if we were an OpenID provider, and people used us for this service.
Either way, I'd likely be the person writing this support, and it would be
as an extension, or through another means that wouldn't require much effort.
Respectfully,
Ryan Lane