Page MenuHomePhabricator
Create Task
Maniphest T406383

Reword 2FA login messages, remove warning box
Open, Needs TriagePublic
Actions

Assigned To
None
Authored By
Catrope
Oct 3 2025, 7:48 PM
Tags
Referenced Files
F66724546: image.png
Oct 3 2025, 7:50 PM
F66724535: image.png
Oct 3 2025, 7:48 PM
F66724531: image.png
Oct 3 2025, 7:48 PM
F66724526: image.png
Oct 3 2025, 7:48 PM
F66724521: image.png
Oct 3 2025, 7:48 PM
Subscribers
AAlhazwani-WMF
Aklapper
Catrope
Izno

Description

image.png (257×332 px, 14 KB)

We currently use yellow warning boxes in the 2FA login UI to tell people what to do, but we shouldn't. We should also revise the copy here.

New designs from @AAlhazwani-WMF:

image.png (292×348 px, 14 KB)
image.png (198×215 px, 10 KB)
image.png (173×216 px, 11 KB)
Security keyAuthenticator appRecovery code

Event Timeline

Catrope created this task.Oct 3 2025, 7:48 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 3 2025, 7:48 PM
Catrope added a comment.Oct 3 2025, 7:50 PM

I think we should revise the design for authenticator apps to keep the current list of example authenticator apps, because we've received a lot of feedback that people find those useful. This information shouldn't be in a warning box of course, but I think it should be somewhere.

image.png (327×332 px, 27 KB)

Izno subscribed.EditedOct 3 2025, 10:47 PM

Probably it should point to some list on mediawiki.org or elsewhere rather than being namedropped in the message directly and thus hard to change in a cross-language way, should a particular authenticator die or be renamed. I've thought to do that with the list currently splattered in that same spot.

And it's noisy once you're used to using 2FA.

But yeah, it's always been weird to me that it's a warning box.

taavi moved this task from Backlog to Features/Improvements on the MediaWiki-extensions-OATHAuth board.Oct 5 2025, 9:15 AM
Reedy moved this task from Features/Improvements to User Experience on the MediaWiki-extensions-OATHAuth board.Oct 11 2025, 3:57 PM
Catrope moved this task from Inbox to UX cleanup on the FY2025-26 WE 4.6 - Account Security (WE 4.6.4 - 2FA improvements and passkey support) board.Oct 22 2025, 5:06 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits