Page MenuHomePhabricator
Create Task
Maniphest T399657

Update existing 2FA documentation
Closed, ResolvedPublic
Actions

Description

User Story:

As a user, I can access clear and concise documentation related to Wikimedia’s 2fa implementation and available options.

Related Objects
Search...

Event Timeline

sbassett created this task.Jul 15 2025, 10:12 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 15 2025, 10:12 PM
Mstyles renamed this task from As a user, I can access clear and concise documentation related to Wikimedia’s 2fa implementation and available options. to Update existing 2FA documentation.Jul 22 2025, 9:26 PM
Tgr added a project: Documentation.Aug 1 2025, 9:28 AM
Tgr subscribed.

Related:
T399656: Clearly document 2FA reset process
T192260: Add a link to help page on all two-factor authentification process steps
T255370: Document best practices for user login for different types of applications if using 2FA

LD awarded a token.Aug 1 2025, 9:29 AM
Tgr added a project: MediaWiki-extensions-OATHAuth.Aug 1 2025, 4:02 PM
Mstyles moved this task from Backlog to Needed for Beta Deployment on the FY2025-26 WE4.6.2 Multiple Authenticators board.Sep 3 2025, 4:30 PM
Reedy moved this task from Backlog to Features/Improvements on the MediaWiki-extensions-OATHAuth board.Sep 17 2025, 9:30 AM
TBurmeister changed the task status from Open to In Progress.Oct 21 2025, 7:01 PM
TBurmeister claimed this task.
TBurmeister triaged this task as Medium priority.
TBurmeister added a project: Tech-Docs-Team.
TBurmeister added a subtask: T399656: Clearly document 2FA reset process.
TBurmeister added a project: FY2025-26 WE 4.6 - Account Security (WE 4.6.4 - 2FA improvements and passkey support).Oct 21 2025, 7:08 PM
TBurmeister moved this task from Needed for Beta Deployment to In Progress on the FY2025-26 WE4.6.2 Multiple Authenticators board.
TBurmeister added a subtask: T255370: Document best practices for user login for different types of applications if using 2FA.Oct 21 2025, 7:11 PM
TBurmeister moved this task from Backlog to Active projects on the Tech-Docs-Team board.Oct 21 2025, 7:15 PM
Catrope removed a project: FY2025-26 WE4.6.2 Multiple Authenticators.Oct 22 2025, 4:36 AM
Catrope moved this task from Inbox to UX cleanup on the FY2025-26 WE 4.6 - Account Security (WE 4.6.4 - 2FA improvements and passkey support) board.Oct 22 2025, 5:02 AM
Catrope moved this task from UX cleanup to Documentation on the FY2025-26 WE 4.6 - Account Security (WE 4.6.4 - 2FA improvements and passkey support) board.
Reedy added a parent task: T399664: Expand 2FA Opt-In Privileges.Oct 29 2025, 12:35 PM
TBurmeister changed the status of subtask T409768: Standardize 2FA terminology usage across docs and UI from Open to In Progress.Nov 10 2025, 6:08 PM
TBurmeister mentioned this in T192260: Add a link to help page on all two-factor authentification process steps.Nov 18 2025, 4:14 PM
TBurmeister closed subtask T409768: Standardize 2FA terminology usage across docs and UI as Resolved.Nov 20 2025, 6:48 PM
TBurmeister added a subscriber: Catrope.Nov 24 2025, 6:35 PM

x-posting here just for tracking work done on docs this quarter: @Catrope made significant updates to https://www.mediawiki.org/wiki/Extension:WebAuthn. Summary: "adding a recipe for setting up HTTPS in local development entirely within MW-Docker (without needing to install Caddy locally), and updating the section on cross-wiki usage to be more accurate. Documentation on how to set up a central domain like auth.wikimedia.org in a third-party context is still missing, but it's hard for me to write that because that particular feature in CentralAuth doesn't appear to be well-documented, and doesn't really seem to be designed for non-WMF use either."

TBurmeister changed the status of subtask T399656: Clearly document 2FA reset process from Open to In Progress.Nov 24 2025, 6:36 PM
T4NeGMp7P4en subscribed.Nov 29 2025, 3:45 PM

If it helps, please refer ja:H:2FA. It is already updated for new 2FA system.
It could be a basis to rewrite other documents.

TBurmeister added a comment.Dec 2 2025, 9:22 PM

https://meta.wikimedia.org/wiki/User:TBurmeister_(WMF)/Sandbox/2FA is now a final draft, with just a couple small TODOs left (I've opened threads about with the team to resolve). Feedback on this draft is welcome as comments on this task, or on the Talk page.

TBurmeister moved this task from Active projects to Waiting for feedback on the Tech-Docs-Team board.Dec 2 2025, 9:23 PM
T4NeGMp7P4en added a comment.Dec 2 2025, 11:08 PM
In T399657#11426073, @TBurmeister wrote:

https://meta.wikimedia.org/wiki/User:TBurmeister_(WMF)/Sandbox/2FA is now a final draft, with just a couple small TODOs left (I've opened threads about with the team to resolve). Feedback on this draft is welcome as comments on this task, or on the Talk page.

I love it.
Instead of "non-temporary user accounts", I think it's better to say "registered user accounts", simply.

Xaosflux subscribed.Dec 3 2025, 6:58 PM
Mstyles removed a parent task: T399664: Expand 2FA Opt-In Privileges.Dec 4 2025, 9:27 PM
Mstyles added a subtask: T192260: Add a link to help page on all two-factor authentification process steps.
TBurmeister added a comment.Dec 5 2025, 5:13 PM

https://meta.wikimedia.org/wiki/Help:Two-factor_authentication has now been fully rewritten to reflect the current state of 2FA on Wikimedia projects, and it includes additional troubleshooting information about account recovery and disabling or re-enabling 2FA.

TBurmeister closed subtask T399656: Clearly document 2FA reset process as Resolved.Dec 5 2025, 5:13 PM
TBurmeister closed subtask T192260: Add a link to help page on all two-factor authentification process steps as Resolved.Dec 5 2025, 5:22 PM
TBurmeister closed this task as Resolved.Dec 5 2025, 5:28 PM
TBurmeister moved this task from Waiting for feedback to Done on the Tech-Docs-Team board.Dec 11 2025, 9:43 PM
TBurmeister mentioned this in T332385: Improve descriptions for our 2FA methods in 2FA management page.Thu, Jan 15, 9:20 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits