
[iOS] Allow users to log in with 2FA in the app
Closed, Resolved (Public)


The recent enabling of MediaWiki-extensions-OATHAuth on Wikimedia-wikis (for admins) has caused me to not be able to log in to the app, since it does not handle 2FA-logins. I need a field to enter the 6 digit string. Right now it says "Logged in as Josve05a" (in the message at the top), even though it does not log me in (i.e. same message as T146685).

Build 996
iOS 10.1
iPhone 6s

Event Timeline

Josve05a renamed this task from "Allow users to log in with 2FA in the app" to "[iOS] Allow users to log in with 2FA in the app". Nov 14 2016, 9:18 PM
Josve05a updated the task description.
Josve05a raised the priority of this task from High to Needs Triage. Nov 14 2016, 10:46 PM
Josve05a triaged this task as High priority.
Josve05a updated the task description.
TheDJ subscribed.

Extension TwoFactorAuthentication has been merged into OATHAuth.

Working on fleshing out specs, but one question: Do/can we allow users to update to 2FA from the app? That is, for new or existing users should we offer to let them turn 2FA on via the app login screen, or should we only support login and require people who want to enable 2FA to go to the web preference pane?

I don't think there is any API support for enabling/disabling 2FA currently.

Ideally, login would implement the full AuthManager API (that is, form generation from a descriptor that you get from the authmanager info API instead of presupposing anything about the fields) as there might be other authentication methods in the future. Don't know if that's plausible or too much effort to be worth it, though.

Related ticket


Tags: 2FA, Log in, Create account

This comment as a doc

User stories

Users with accounts
As a user with a Wikipedia account I would like to be able to log in to my account on the iOS app, even if I have 2FA enabled. When I forget my password, I would like to be able to reset my password through the app.

Users creating new accounts
When creating a new account through the app I would like to receive clear messaging from the system when an error occurs. Additionally, I would like to be able to learn about other ways to create an account if I cannot complete the CAPTCHA verification.

Design constraints

Design details

Inline error messaging and validation

When possible, place messaging inline with where the error occurred and explain to users what caused the error / how it can be fixed.

Log in

| Action | Message | Location | Color |
|---|---|---|---|
| User enters incorrect password | Invalid password | Under password input field | Red |
| User enters incorrect 2FA key | Verification failed | Under 2FA code input field | Red |

Create an account

| Action | Message | Location | Color |
|---|---|---|---|
| User enters a username that is already in use | Username already in use | Under username input field | Red |
| User's password confirmation field does not match password field | Passwords do not match | Under verify password field | Yellow |
| User correctly verifies password | Passwords match | Under verify password field | Green |


| Action | Message | Location | Color |
|---|---|---|---|
| User incorrectly enters CAPTCHA | Wrong code. Please try again. | Under CAPTCHA text field | Red |


| Action | Message | Location | Color |
|---|---|---|---|
| User incorrectly enters 2FA key | Verification failed | Under 2FA field | Red |

Other system messages

Submission attempts exceed pre-set threshold

| Action | Message | Color |
|---|---|---|
| User exceeds number of login attempts | You have made too many recent login attempts. Please wait 5 minutes before trying again. | Red |
| User exceeds number of 2FA attempts | You have made too many recent login attempts. Please wait 5 minutes before trying again. | Red |

Reset password email confirmation

| Action | Message | Color |
|---|---|---|
| User resets their password | Temporary password sent via email | Green |

Other errors not related to form submission should also be shown as system messages.

Testing step prerequisites:

  • Need Wikipedia login credentials for an account which has admin privileges (Note: we probably can't give such credentials out... @JMinor? Should we just do this testing until 2FA is made available to non-admins?)
  • Need to use login on desktop to enable 2 Factor login for that account (only has to be done once). Login, tap "Preferences" link, then tap "Enable two-factor authentication" link.
  • Need to use app such as "Google Authenticator" (which provides 2FA login codes). This app can connect with the admin account via a barcode shown on the page which loads when you tap the "Enable two-factor authentication" link mentioned in the previous step.

Testing steps (once you have credentials to an admin account and have enabled 2FA for that account and configured "Google Authenticator" or other 2FA code generator):

  • Attempt to login to a 2FA "admin" account.
  • An interface requiring a six digit number will be shown after the correct primary password is entered
  • Get 6 digit code for "Wikimedia" from "Google Authenticator"
  • Enter 6 digit code before it expires
  • Correct code entry should result in login success. Incorrect code should result in login failure.

Tap for animation (does not show the "Google Authenticator" step - I had that running on my phone while I recorded the simulator):

Thanks for the animation, that's super useful!

The problem with this kind of interface is that you cannot enter scratch tokens. Those are given out when you enable 2FA and you are supposed to write them down and put them in a safe or something, so that you can still log in when your phone is lost. (They can be used only once, hence "scratch" tokens.) Unfortunately we choose a completely different format for scratch tokens (8 alphanumeric characters I think?) so either the input interface should be made more generic, or there should be a separate interface, or the scratch token format should be changed.
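The testing steps above (a 6-digit code that must be entered before it expires, failure after too many attempts) and the scratch-token point in the preceding comment both describe what the server side has to check. The following Python is an added example, not code from the iOS app or from OATHAuth: a minimal RFC 6238 TOTP verifier that also accepts a single-use scratch token through the same generic input, with the lockout message from the spec's table. The attempt threshold (5), the 16-character alphanumeric scratch format and the RFC test-vector secret are assumptions for the example; the 5-minute wait comes from the message table.

```python
import hashlib
import hmac
import struct

TOTP_STEP = 30          # seconds per TOTP time step (RFC 6238 default)
TOTP_DIGITS = 6         # the 6-digit code the task describes
SCRATCH_LEN = 16        # assumed: scratch token length reported on beta in this thread
MAX_ATTEMPTS = 5        # assumed threshold; the spec only says "pre-set threshold"
LOCKOUT_SECONDS = 300   # "Please wait 5 minutes" from the message table


def hotp(secret: bytes, counter: int, digits: int = TOTP_DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, now: float, step: int = TOTP_STEP) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the time step."""
    return hotp(secret, int(now // step))


class SecondFactorVerifier:
    """Server-side second-factor check accepting either a TOTP code or a scratch token."""

    def __init__(self, secret: bytes, scratch_tokens):
        self.secret = secret
        # Scratch tokens are stored hashed so a database leak does not expose them.
        self.scratch_hashes = {hashlib.sha256(t.encode()).hexdigest() for t in scratch_tokens}
        self.failures = 0
        self.locked_until = 0.0

    def verify(self, submitted: str, now: float) -> str:
        """Return a status matching the spec's messages: ok / verification failed / too many attempts."""
        if now < self.locked_until:
            return "too many attempts"
        token = submitted.strip().replace(" ", "")
        ok = False
        if len(token) == TOTP_DIGITS and token.isdigit():
            # Accept the previous, current and next step to tolerate clock drift
            # between the phone running the authenticator app and the server.
            for drift in (-1, 0, 1):
                expected = totp(self.secret, now + drift * TOTP_STEP)
                if hmac.compare_digest(expected, token):
                    ok = True
                    break
        elif len(token) == SCRATCH_LEN and token.isalnum():
            digest = hashlib.sha256(token.encode()).hexdigest()
            if digest in self.scratch_hashes:
                self.scratch_hashes.discard(digest)   # single use: burn it on success
                ok = True
        if ok:
            self.failures = 0
            return "ok"
        self.failures += 1
        if self.failures >= MAX_ATTEMPTS:
            self.locked_until = now + LOCKOUT_SECONDS
            self.failures = 0
            return "too many attempts"
        return "verification failed"


if __name__ == "__main__":
    # Constructed sample: the RFC 6238 SHA-1 test secret and one made-up scratch token.
    v = SecondFactorVerifier(b"12345678901234567890", ["ABCDEFGHJKLMNPQR"])
    print(v.verify(totp(b"12345678901234567890", 59), 59))   # ok
    print(v.verify("ABCDEFGHJKLMNPQR", 100))                 # ok (first use)
    print(v.verify("ABCDEFGHJKLMNPQR", 100))                 # verification failed (already used)
```

The input path is deliberately format-agnostic: the same text field can carry a 6-digit code or a 16-character scratch token, and the server decides which check applies, which is the "more generic input" option from the comment above. A real deployment would also replay-protect TOTP codes within the accepted window and persist the failure counter and lockout per account rather than in memory.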

@Tgr Oh that's a good point!!! It looks like the scratch tokens are 16 char alphanumeric (or at least they were for the test account I configured on beta).

Do you think changing the scratch token format would be a no-go?

If so I could make a ticket for adding a link to this interface for "Use scratch token" which could change the form to show a single text box...

^ @JMinor

I don't have Admin privileges so I suppose someone else needs to test this. If anyone believes I can test this as part of my TSG QA privileges, please post a list of steps I can use to test the functionality all by myself, and I will try to recreate the scenario.

A new subtask(?) regarding design: I wish there was an easy "paste 2FA code" button (a Ctrl+V button), since I copy the code from another app; it would go so much smoother if a button to just paste this code was available, rather than having to type the numbers or press and hold until the "paste" button is visible in the field.

ABorbaWMF subscribed.

Looking good in testing so far. Ready for PM_Signoff.