Page MenuHomePhabricator
Create Task
Maniphest T334480

Remove phabricator Multi-factor Auth for Atieno
Closed, ResolvedPublic
Actions

Description

Phab username: @Atieno

Reason for request:

  • I created my current TOTP 1 year ago and I since don't have access to the app with the Code so technically I don't have 2fa setup.

Request is to delete the current TOTP and setup a new one

Related Objects
Search...

Event Timeline

Atieno created this task.Apr 11 2023, 2:58 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 11 2023, 2:58 PM
Atieno mentioned this in T306708: Establish a workflow that scales for requesting Phab 2FA resets.Apr 11 2023, 3:00 PM
JJMC89 edited projects, added Phabricator; removed SecTeam-Processed, Security, Security-Team.Apr 11 2023, 3:02 PM
sbassett subscribed.Apr 11 2023, 4:10 PM

So the process here would likely be:

  1. Since you're a WMF employee, someone here could verify your identity either via a committed identity if you have that set up or via a quick video chat where we could ask you some questions. I'm fine taking the time to do this as a member of the Security-Team.
  2. Once your identity is verified, someone with access to phab4001 (not me, as I don't have it) would need to perform these steps to reset your current mfa configuration.
Aklapper added a comment.Apr 11 2023, 4:45 PM

(For WMF employees, is a video chat a requirement, or would e.g. be an internal, written verification via a private "Slack" message also be sufficient?
PS: https://wikitech.wikimedia.org/wiki/Phabricator#Removing_Two_Factor_Authentication are the steps to perform for someone)

Peachey88 renamed this task from Multi-factor Auth for Atieno to Remove phabricator Multi-factor Auth for Atieno.Apr 11 2023, 8:06 PM
Atieno added parent tasks: T333550: Requesting access to analytics-privatedata-users for atieno, T332193: Run integration tests against device-analytics staging.Apr 13 2023, 7:27 AM
Atieno added a comment.Apr 13 2023, 11:03 AM

Hi @sbassett so can I schedule some time on your calendar for a video chat or can I slack you as @Aklapper has suggested. Though, I might go the video chat route it looks faster.

sbassett added a project: SRE.Apr 13 2023, 3:08 PM
In T334480#8778684, @Atieno wrote:

Hi @sbassett so can I schedule some time on your calendar for a video chat or can I slack you as @Aklapper has suggested. Though, I might go the video chat route it looks faster.

Works for me, though we might also want to try to get an SRE on that call (or someone with root on phab4001) to then perform the mfa reset once your identity is confirmed. Perhaps we should tag SRE to triage this task as a clinic item and then work from there.

Clement_Goubert subscribed.Apr 17 2023, 7:55 AM

I can do that as part of Clinic Duty, please schedule some time between 08:00 and 16:00UTC.

Clement_Goubert claimed this task.Apr 17 2023, 7:55 AM
Atieno added a comment.Apr 17 2023, 1:49 PM

Will do thanks @Clement_Goubert

FJoseph-WMF subscribed.Apr 17 2023, 1:54 PM
Clement_Goubert added a comment.Apr 17 2023, 1:58 PM

I have added @sbassett to the meeting, as they are the member of the security team that will verify before I remove the 2FA.

Clement_Goubert added a comment.Apr 18 2023, 12:38 PM

Identity confirmed and 2FA reset.

Clement_Goubert closed this task as Resolved.Apr 18 2023, 12:40 PM
sbassett moved this task from To Triage to Misc on the Phabricator board.Apr 18 2023, 3:11 PM
Dzahn awarded a token.May 10 2023, 5:30 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL