Right now, it's only possible using a maintenance script called disableOATHAuthForUser.php which requires production access which is not scaleable and it's one of the reasons preventing from allowing role out of 2FA for everyone.
Description
Details
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Open | None | T100375 Improve user experience of Two-Factor process | |||
Open | None | T166622 Allow all users on all wikis to use OATHAuth | |||
Open | None | T180896 Allow functionaries to reset second factor on low-risk accounts | |||
Resolved | Ladsgroup | T195207 Special page to disable OATH for other users |
Event Timeline
Vaguely. Let's make this one into the addition of the special form. Make T180896 the rollout of the functionality (add the right to wmf-config etc)
Although the other is blocked on legal review... There's no reason to block the implementation; third party wikis potentially have a use for this too
Change 434197 had a related patch set uploaded (by Ladsgroup; owner: Amir Sarabadani):
[mediawiki/extensions/OATHAuth@master] Add SpecialDisableOATHForUser
Change 469886 had a related patch set uploaded (by Reedy; owner: Reedy):
[operations/mediawiki-config@master] Don't allow sysop users to disable 2FA for other users
Change 469886 merged by jenkins-bot:
[operations/mediawiki-config@master] Don't allow sysop users to disable 2FA for other users
Change 434197 merged by jenkins-bot:
[mediawiki/extensions/OATHAuth@master] Add SpecialDisableOATHForUser