Page MenuHomePhabricator

Support Yubikeys for 2FA on wikis
Closed, DuplicatePublic

Description

2FA has been recently enabled on wikis for sysop accounts. However, not all admins have smartphones or mobile phones supporting Java applications.

Yubikeys would be a good alternative, they are currently supported by Google, GitHub, Dropbox, etc.

https://www.yubico.com/products/yubikey-hardware/

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 13 2016, 1:44 PM

I't also used by WMF in internal. One missing thing is OATHAuth currently only manage TOTP, not yet HOTP.

Jules78120 removed a subscriber: Jules78120.
Jules78120 added a subscriber: Jules78120.
Reedy added a comment.Nov 13 2016, 2:27 PM

Yeah, this is actually a dupe

Reedy added a comment.Nov 13 2016, 2:30 PM

T150565

Won't let me do it on my phone

There is a yubico authenticator program where you can plug in your yubikey (or tap it for the phone app), enter your password, and use as an alternative to google authenticator.

sbassett moved this task from Backlog to Done on the Security-Team board.Jun 11 2019, 6:34 PM