Page MenuHomePhabricator
Create Task
Maniphest T124445

Design research support for two step authentication
Open, MediumPublic
Actions

Description

Security and other teams are working to implement two step authentication across the foundation. They are aware that there are usability issues with end users using two step auth.

To get to the goals of this research define a methodology, the first step will be meeting with Security team to discuss.

https://etherpad.wikimedia.org/p/2step

Related Objects
Search...

Event Timeline

aripstra created this task.Jan 22 2016, 6:13 PM
aripstra raised the priority of this task from to Medium.
aripstra updated the task description. (Show Details)
aripstra added projects: Design-Research, Design Research and product team collaboration.
aripstra added subscribers: aripstra, Stype_and_Co.-WMF, Capt_Swing and 3 others.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 22 2016, 6:13 PM
csteipp added a project: Security-Team.Jan 22 2016, 10:03 PM
csteipp set Security to None.
csteipp edited subscribers, added: csteipp, dpatrick; removed: Stype_and_Co.-WMF.
Krenair subscribed.Jan 22 2016, 10:05 PM
csteipp moved this task from Incoming to Ready on the Security-Team board.Jan 26 2016, 4:47 PM
ggellerman moved this task from Backlog to Done (Filter:All Tasks to view all completed) on the Design-Research board.Feb 1 2016, 10:27 PM
ggellerman moved this task from Done (Filter:All Tasks to view all completed) to Blocked on the Design-Research board.
ggellerman moved this task from Blocked to Backlog on the Design-Research board.
aripstra added a comment.Apr 15 2016, 5:39 PM

@csteipp we are wondering if this research is still needed? I see it is in Ready column on Security team work board. Let us know about timing if it is still needed. We will need to get together to better understand the research question if still needed.

aripstra added a comment.Apr 15 2016, 6:03 PM

Just talked with you, @csteipp - updating our understanding of the task, please correct me if I get anything wrong.

This is for two step auth for Wikipedia users. There will be a roll out (as a pilot to learn from) of several small groups of users in the next few weeks. Participation will be optional for users invited. It would be useful to gather feedback from this set of users to inform iterations before larger roll outs. We discussed meeting to create a structure for feedback together and a process for analysis and informed iteration. I will create a meeting for us to do some initial planning and get our heads together on this project.

aripstra moved this task from Backlog to Staged on the Design-Research board.Apr 15 2016, 6:04 PM
aripstra added a comment.May 5 2016, 11:02 PM

We met and discussed how to make the most of the pilot and any feedback that the Security team might gather during the pilot. The Design Research team does not have the time to do a full usability study for the 2-step pilot, but Darian and Chris and I met, and I shared some methods for asking for feedback from the participants of the pilot as well as structuring any incoming feedback so it is easy to analyze once the pilot is complete.

@dpatrick and @csteipp Chris let me know when you have the survey for review. I will leave the country next Friday, May 13th for research and will be pretty focused on that while gone. @dchen (Daisy) will also be able to review the survey and provide you with advice / feedback for it.

csteipp added a comment.May 5 2016, 11:09 PM

Darian has them written up, and I think he'll be passing them on today or tomorrow

dpatrick added a comment.May 6 2016, 12:02 AM

Here are some survey questions, separate by area of focus. I've added @aripstra
and @dchen as editors.

https://docs.google.com/document/d/1epSGu4Gc9fljHZFGHFC19ZpGXoN6-BeqNHgpLVWvgOg/edit

aripstra renamed this task from Usability testing for two step authentication to Design research support for two step authentication.May 6 2016, 12:27 AM
aripstra moved this task from Staged to In Progress on the Design-Research board.
csteipp moved this task from Ready to In Progress on the Security-Team board.May 9 2016, 6:18 PM
dpatrick updated the task description. (Show Details)May 9 2016, 6:52 PM
ggellerman assigned this task to dchen.May 20 2016, 5:36 PM
dpatrick added a project: MediaWiki-extensions-OATHAuth.May 27 2016, 2:41 AM
dpatrick added a parent task: T100375: Improve user experience of Two-Factor process.
dpatrick moved this task from Backlog to In Progress on the MediaWiki-extensions-OATHAuth board.May 27 2016, 2:53 AM
Parent5446 moved this task from In Progress to User Experience on the MediaWiki-extensions-OATHAuth board.Jun 3 2016, 9:46 PM
ggellerman edited projects, added Contributors-UX-Research; removed Design Research and product team collaboration, Design-Research.Sep 23 2016, 5:44 PM

@dchen Any update on status - will you complete or assign back Design Research? Thanks!!!

dchen added a comment.Sep 27 2016, 4:47 PM

@ggellerman no update for a couple months, i'd say can freeze/close for now, but i'll assign it back.

dchen reassigned this task from dchen to aripstra.Sep 27 2016, 4:48 PM
dchen edited projects, added Design-Research; removed Contributors-UX-Research.
dchen edited projects, added Design-Research-Backlog; removed Design-Research.
aripstra moved this task from Backlog to Paused on the Design-Research-Backlog board.Nov 10 2016, 11:56 PM
ggellerman added a comment.Dec 1 2016, 11:40 PM

@dpatrick We would like to close this ticket unless you think that we'll resume work on it. Thanks!

ggellerman added a comment.Jan 19 2017, 11:49 PM

@dpatrick
We are removing Design Research off this ticket. Please feel free to add us back if work resumes.

ggellerman removed a project: Design-Research-Backlog.Jan 19 2017, 11:49 PM
Restricted Application added a subscriber: jeblad. · View Herald TranscriptAug 25 2017, 12:47 PM
ggellerman unsubscribed.Nov 21 2017, 10:56 PM
Jseddon subscribed.Jan 25 2018, 6:32 AM

Are we distinguishing two-factor from two step?

Whilst two-step is not ideal, it is presumably easier to implement than two factor and would be a step forward.

Two-factor could then be added further down the line?

chasemp edited projects, added Security-team-backlog; removed Security-Team.Sep 4 2018, 3:25 PM
chasemp edited projects, added Security-Team; removed Security-team-backlog.Dec 23 2019, 5:12 PM
chasemp moved this task from In Progress to Back Orders on the Security-Team board.
chasemp moved this task from Back Orders to Watching on the Security-Team board.Dec 23 2019, 5:23 PM
Aklapper removed aripstra as the assignee of this task.Mar 6 2020, 11:53 AM

Resetting task assignee, as that user account is not active anymore.

Mstyles edited projects, added Security, SecTeam-Processed; removed Security-Team.Oct 13 2021, 7:29 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL