Page MenuHomePhabricator
Create Task
Maniphest T186274

Enable 2FA normal login
Closed, ResolvedPublic
Actions

Description

Currently accounts that use 2FA security can't get login with PWB on the wiki without using other type of authentication such as BotPasswords or OAuth.

In T137805#2786123, @Anomie wrote:

if you enable two-factor authentication[1] on the bot's account, Special:UserLogin will return a second page asking for the second factor and action=clientlogin will return a response with a similar request, while action=login will just fail.

So in theory it can be possible to use action=clientlogin to perform an authentication with 2FA.

See the related task for Huggle software and the research made : T180279: Enable 2FA normal login

Details

SubjectRepoBranchLines +/-
[IMPR] Enable 2FA login with Pywikibotpywikibot/coremaster+17 -1
Customize query in gerrit

Related Objects

Event Timeline

Framawiki created this task.Feb 1 2018, 10:26 PM
Restricted Application added subscribers: pywikibot-bugs-list, Aklapper. · View Herald TranscriptFeb 1 2018, 10:26 PM
Masti subscribed.Feb 2 2018, 12:02 AM
Dalba subscribed.Mar 21 2018, 7:05 AM

@Anomie, Is there any way to simulate/force an OpenID/Captcha authentication process for testing purposes or any wiki which we can test this on?

Anomie added a comment.Mar 21 2018, 2:59 PM

If you fail 3 logins on a WMF wiki, I believe it'll send a captcha for additional attempts from that IP or username.

If you set up your own wiki to test things on, you can configure things however you like.

Dvorapa added a subtask: T249706: Make clientlogin interactive.Apr 8 2020, 12:59 PM
Dvorapa merged a task: T252404: Enable 2FA login with pywikibot.May 11 2020, 1:28 PM
Dvorapa added a subscriber: Xqt.
Xqt triaged this task as High priority.Aug 19 2020, 2:25 AM
Pppery closed this task as a duplicate of T249706: Make clientlogin interactive.Aug 19 2020, 2:42 AM
Xqt reopened this task as Open.Aug 19 2020, 5:36 AM

This is a different task

Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:01 PM
Ruthven subscribed.Apr 26 2021, 6:57 AM
Xqt claimed this task.Oct 13 2022, 4:59 PM
gerritbot added a comment.Oct 13 2022, 6:04 PM

Change 842505 had a related patch set uploaded (by Xqt; author: Xqt):

[pywikibot/core@master] [IMPR] Enable 2FA login with Pywikibot

https://gerrit.wikimedia.org/r/842505

gerritbot added a project: Patch-For-Review.Oct 13 2022, 6:04 PM
gerritbot added a comment.Oct 20 2022, 8:01 AM

Change 842505 had a related patch set uploaded (by Xqt; author: Xqt):

[pywikibot/core@master] [IMPR] Enable 2FA login with Pywikibot

https://gerrit.wikimedia.org/r/842505

gerritbot added a comment.Oct 20 2022, 8:11 AM

Change 842505 merged by jenkins-bot:

[pywikibot/core@master] [IMPR] Enable 2FA login with Pywikibot

https://gerrit.wikimedia.org/r/842505

Xqt closed this task as Resolved.Oct 20 2022, 8:17 AM
Xqt removed a project: Patch-For-Review.
Xqt removed a subtask: T249706: Make clientlogin interactive.
Xqt mentioned this in T192237: Support administrative actions in PAWS.Nov 26 2022, 2:48 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL