U2F integration for Extension:OATHAuth
Open, Needs TriagePublic

Description

Research and, if possible integrate U2F authentication as a method for two-factor authentication.

Parent5446 updated the task description. (Show Details)
Parent5446 raised the priority of this task from to Needs Triage.
Parent5446 added a subscriber: Parent5446.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 25 2015, 9:57 PM

Some quick notes for when this is started:

Tgr added a subscriber: Tgr.Nov 2 2015, 4:50 AM
Restricted Application added a subscriber: StudiesWorld. · View Herald TranscriptDec 19 2015, 2:32 PM
Krenair added a subscriber: Krenair.Mar 8 2016, 7:27 PM

Just pinging to say I saw this and I'm thinking about it.

Krenair added a comment.EditedJun 12 2016, 2:11 AM

I started playing with this a while back using a *heavily* modified fork of OATHAuth. It's nowhere near the point that I'd be comfortable sharing it though.

Wdwd added a subscriber: Wdwd.Nov 21 2016, 6:34 PM

I'm also interested, and intend to take a stab at implementing it sometime over the next few weeks. @Krenair @dpatrick let me know if you've started work on something worth basing my attempt off of.

There was another attempt today to break Wikipedia accounts of several prominent users. This would help us greatly.

I would like to support this request as well, it is very helpful

TheDJ added a subscriber: TheDJ.May 16 2017, 2:58 PM
SPoore added a subscriber: SPoore.Fri, May 26, 1:39 PM
Reedy added a subscriber: Reedy.EditedTue, May 30, 9:16 PM

There was another attempt today to break Wikipedia accounts of several prominent users. This would help us greatly.

I do note, just getting wider deployment of OATHAuth would be an easier (and quicker) win. I just filed T166622 as I can't find a current task...

I'm not 100% sure whether U2F would work better for some people, or just cause confusion. Or if just providing another option is a good idea generally (which I think it probably is)

We know of a few usability and social issues filed in MediaWiki-extensions-OATHAuth that we want to get fixed at some point

revi added a subscriber: revi.Wed, Jun 7, 6:49 AM