Page MenuHomePhabricator
Create Task
Maniphest T12038

Allow a user to prevent logins except from approved IPs
Closed, DeclinedPublic
Actions

Description

Author: falkeli

Description:
Given the high number of compromised accounts at en.wikipedia, I think that the following is a good partial solution:
On the preferences, allow a user to have the account locked to all IPs but the ones on a list which the user can edit. Automatically have any recent IPs used by the user be on the list, to make it easier for a user who doesn't know all of his/her IPs. Allow the use of ranges.

Version: unspecified
Severity: enhancement

Details

Reference
bz10038

Event Timeline

bzimport raised the priority of this task from to Lowest.Nov 21 2014, 9:50 PM
bzimport added a project: MediaWiki-Core-Preferences.
bzimport set Reference to bz10038.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.May 27 2007, 4:39 AM
bzimport added a comment.May 27 2007, 6:20 AM

ayg wrote:

Seems to be basically the same as bug 9837, except looked at from a different angle (list maintained by user instead of general sysops; whitelist instead of blacklist). This way is probably not as good an idea, given that people might lose control of their IP addresses and be unable to log in again without sysadmin intervention.

demon added a comment.May 1 2009, 2:28 PM

Marking WONTFIX per bug 9837 and especially per comment #1.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits