- Name of tool/project: LoginNotify
- Project home page: https://mediawiki.org/wiki/Extension:LoginNotify
- Name of team requesting review: Security
- Primary contact: @Bawolff
- Target date for deployment: Whenever.
Maybe end of July
- Link to code repository / patchset: rELGN (or gerrit mediawiki/extension/LoginNotify.git)
- Programming Language(s) Used: PHP
Description of the tool/project
Give echo notifications whenever someone attempts to login but gives wrong password.
Extension tries to determine if the user is coming from a previously used address, and is more sensitive in that case.
Has option to send email notices any time someone logs in from an address not previously used.
Description of how the tool will be used at WMF
Allow people to detect if someone is trying to break into their account
For background see T11838
Has this project been reviewed before?
Working test environment
Standard MediaWiki extension. git clone the repo. wfLoadExtension( 'LoginNotify' );
Security team I guess