Page MenuHomePhabricator

Allow all users on all wikis to use OATHAuth
Open, NormalPublic

Description

I thought we had a task for this, but I can't seem to find one...

We eventually want to enable OATHAuth on all wikis, for all users, pending a few usability improvements

Related Objects

Event Timeline

Reedy created this task.May 30 2017, 9:16 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 30 2017, 9:16 PM
Reedy renamed this task from Deploy Extension OATHAuth to all wikis to Allow all users on all wikis to use OATHAuth.May 30 2017, 9:25 PM

Duh. Subject changed to mean what I actually meant

TheDJ added a subscriber: TheDJ.May 30 2017, 9:45 PM
Luke081515 added a subscriber: Luke081515.
Daylen added a subscriber: Daylen.Jul 18 2017, 5:03 AM
Sniper296 added a subscriber: Sniper296.

This should happen as soon as possible because everyone should be to have additional security on their account if they so desire

Wong128hk added a subscriber: Wong128hk.
jrbs moved this task from Backlog to Security/Abuse on the Trust-and-Safety board.
jrbs added a subscriber: Jalexander.
jrbs added a subscriber: jrbs.
Reedy added a comment.Dec 6 2018, 8:34 AM

Ideally, IMHO, being able to do a device swap without disabling and re-enabling should be in there too (not sure where the task is for that straight off)

@Tgr and @Reedy, yep, this task is directly related to the #10 of #community-wishlist-survey-2019: 2FA available for all concerned editors

TheDJ added a comment.Dec 6 2018, 12:49 PM

@Tgr I think in the past we also said that some UI and interface messaging rework was needed to make the steps more understandable, esp around the topic of scratchcodes.

sbassett added a comment.EditedDec 6 2018, 4:01 PM

Trust-and-Safety might have some additional thoughts here, as they currently manage the operational work around OATHAuth. Though the tasks @Tgr mentioned (T166622#4802577) should alleviate most of their concerns, I'd imagine.

Tgr added a comment.Dec 7 2018, 1:48 AM

Ideally, IMHO, being able to do a device swap without disabling and re-enabling should be in there too (not sure where the task is for that straight off)

I guess that's T172079: Allow OATHAuth users with 2FA already enabled to add / switch devices without disabling? (that title is not super helpful)

@Tgr I think in the past we also said that some UI and interface messaging rework was needed to make the steps more understandable, esp around the topic of scratchcodes.

T150868: Expand scratch code instruction with advice to mark which codes you have used I guess?

Reedy added a comment.Dec 7 2018, 6:27 AM

Ideally, IMHO, being able to do a device swap without disabling and re-enabling should be in there too (not sure where the task is for that straight off)

I guess that's T172079: Allow OATHAuth users with 2FA already enabled to add / switch devices without disabling? (that title is not super helpful)

I think so, title improved a little bit

Reedy added a comment.Dec 7 2018, 6:38 AM

@Tgr and @Reedy, yep, this task is directly related to the #10 of #community-wishlist-survey-2019: 2FA available for all concerned editors

Actually implementing that task is easy (removing 10-15 lines from wmf-config)... It's the tasks mentioned above that need fixing first before we will do that

Tgr added a comment.Dec 10 2018, 7:11 AM

This is not really blocked on forcing on anyone 2FA, so rearranged the dependency tree a bit.

Hi, Please keeping (or try to keep) "Two-factor authentication testers" group for historical use . Thanks

Reedy added a comment.Dec 27 2018, 3:38 PM

Hi, Please keeping (or try to keep) "Two-factor authentication testers" group for historical use . Thanks

Why?

Tomybrz added a comment.EditedDec 28 2018, 11:34 PM

Hi, Please keeping (or try to keep) "Two-factor authentication testers" group for historical use . Thanks

Why?

Because we are actually "Beta tester" for a long time and i would like to keep a memory in my SUL :) (i'm not a Beta tester anymore since i'm mediawiki admin)

Lofhi added a subscriber: Lofhi.Apr 12 2019, 12:06 PM
Meisam added a subscriber: Meisam.May 6 2019, 11:49 AM
94rain added a subscriber: 94rain.Jun 11 2019, 4:34 AM