I think we should start looking at alternative authentication systems especially for high risk accounts. There are several variations on the theme of one-time passwords that I think could bd explored.
Pine On Aug 6, 2014 11:05 PM, "Brian Wolff" bawolff@gmail.com wrote:
On Aug 6, 2014 8:57 AM, "svetlana" svetlana@fastmail.com.au wrote:
On Wed, 6 Aug 2014, at 21:49, Andre Klapper wrote:
On Tue, 2014-08-05 at 22:05 -0700, Pine W wrote:
After reading this [1] I am wondering if Wikimedia should start
taking
steps to reduce reliance on usernames and passwords.
What "steps" do you refer to, or is this intentionally vague? Disallowing usernames and logins? Two-step authentication/verification? Something else?
andre
from what i could read and parse: use less of external things like skype and google accounts so that there is only 1 username for everything
The solution to stolen credentials is to combine all credentials so that a single credential can control everything?
--bawolff _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l