In terms of external authentication, we need Extension:OpenID to catch up to the OpenID standard in order to do that.
In terms of two-factor, I have like eight patches for Extension:OATHAuth attempting to make it production-worthy.
https://gerrit.wikimedia.org/r/132783 -- Tyler Romeo 0x405D34A7C86B42DF
From: svetlana svetlana@fastmail.com.au Reply: Wikimedia developers wikitech-l@lists.wikimedia.org> Date: August 6, 2014 at 7:57:12 To: wikitech-l@lists.wikimedia.org wikitech-l@lists.wikimedia.org> Subject: Re: [Wikitech-l] News about stolen Internet credentials; reducing Wikimedia reliance on usernames and passwords
On Wed, 6 Aug 2014, at 21:49, Andre Klapper wrote:
On Tue, 2014-08-05 at 22:05 -0700, Pine W wrote:
After reading this [1] I am wondering if Wikimedia should start taking steps to reduce reliance on usernames and passwords.
What "steps" do you refer to, or is this intentionally vague? Disallowing usernames and logins? Two-step authentication/verification? Something else?
andre
from what i could read and parse: use less of external things like skype and google accounts so that there is only 1 username for everything
_______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l