Page MenuHomePhabricator

Support Yubikeys for 2FA on wikis
Closed, DuplicatePublic


2FA has been recently enabled on wikis for sysop accounts. However, not all admins have smartphones or mobile phones supporting Java applications.

Yubikeys would be a good alternative, they are currently supported by Google, GitHub, Dropbox, etc.

Event Timeline

I't also used by WMF in internal. One missing thing is OATHAuth currently only manage TOTP, not yet HOTP.

Yeah, this is actually a dupe

There is a yubico authenticator program where you can plug in your yubikey (or tap it for the phone app), enter your password, and use as an alternative to google authenticator.