When I attempt to enable two-factor authentication for my staff account "DPatrick (WMF)", the QR code cannot be read by Google Authenticator. Testing indicates that this is because the label portion of the key URI is not URI encoded.
- In Firefox, with Firebug installed, login to https://meta.wikimedia.org/ as a WMF staff person.
- Navigate to https://meta.wikimedia.org/w/index.php?title=Special:OATH&returnto=Special%3APreferences.
- Scan the QR code in Google Authenticator and observe that an error is displayed.
- In the Firebug console, enter the following: $("#qrcode").empty().qrcode("otpauth://totp/" + encodeURI("Meta:YourAccount (WMF)") + "?secret=YOURLISTEDSECRET");
- Scan the QR code in Google Authenticator and observe that the entry is successfully created.