Page MenuHomePhabricator
Create Task
Maniphest T355016

Allow users to customise where they get 2FA related notifications
Open, Needs TriagePublic
Actions

Description

I don't see any of the 2FA options on Special:Preferences#mw-prefsection-echo, but I do see "Login from an unfamiliar device" (for example) from MediaWiki-extensions-LoginNotify

Something relating to OATHAuth not setting anything for $wgNotifyTypeAvailabilityByCategory? And/or reusing 'category' => 'system'?

It's unclear where/how users currently get notified of these (just on Web? Email too?), which is even more relevant with the case of T131788: Users should be notified when only two recovery codes are left, T353962: Add new notifications for additional 2FA being enabled/disabled...

Related Objects

Event Timeline

Reedy created this task.Jan 14 2024, 9:21 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 14 2024, 9:21 AM
Tgr subscribed.Jan 14 2024, 9:18 PM

system notifications are not configurable. If you want these notifications to be configurable, you need to create a new category. Not sure I'd want to allow that though.

$wgNotifyTypeAvailabilityByCategory is only needed if you want to prevent some type of notification (email or web) for a certain category entirely. (Or if you want to enable push notifications, which are a bit of a hack.)

taavi subscribed.Jan 14 2024, 10:14 PM

I'm not sure we want to allow disabling email alerts on account security information changes?

Reedy added a comment.Jan 14 2024, 11:17 PM

Screenshot 2024-01-14 at 23.15.22.png (1×479 px, 86 KB)

It would seem, based on a few of the examples here (web, edits to my user talk page, for example), we can have some always on/not so customisable.

Of course, they don't need to be email confirmed to enable 2FA anyway...

Reedy moved this task from Backlog to User Experience on the MediaWiki-extensions-OATHAuth board.Jan 15 2024, 12:02 AM
Frostly subscribed.Jan 15 2024, 4:11 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL