Other sites have "Login with Facebook".
Wikipedia should too!
At least leave this open as a long term goal 'LATER'.
Pros
Cons
Facebook and Google have hundreds of millions more users than Wikimedia wikis. How is Facebook or Google being private companies relevant here? If users want to be able to log in to Wikimedia wikis with Facebook or Google credentials, what's the problem with allowing that?
I think "declined" was a proper status: there is practically zero demand for this feature and that implementing it would require an enormous consensus, given we would encourage users to surrender their privacy etc. by chaining themselves to said external services.
It's fine to keep the report open so that the matter can be discussed, but consensus must be found on-wiki. Do you want to open an RfC?
I would like to see this feature enabled. Not only for facebook or google but for any reliable oauth provider. This effectively makes the demand greater than zero, even if it might be still small :P
This doesn't surrender anyone's privacy. Existing users would be in now way forced to use the google or facebook, BTW I believe that both facebook and google probably cares about privacy far more than wikimedia :P
It looks like any discussion about implementing this functionality gets summarily closed. Saying that there's "zero demand" is extremely dubious in such a hostile environment.
It's fine to keep the report open so that the matter can be discussed, but consensus must be found on-wiki.
Consensus for what, exactly? You want the millions of Facebook and Google users to agree to use Facebook and Google? How are you impacted as a user if someone else can log in via Facebook or Google?
Why not?
Because Brion is overlord of wikimedia and he doesn't like big and rich companies :P
Now on more serious note: I myself believe that having this option would bring significant amount of contributors to wikipedia and lowered amount of IP editors incredibly, probably about 90% of them have facebook. That on other hand isn't precisely what developers want. It also involves lot of programming, that's also what they don't want to do :) and having some solid IP's might be better to some (admins mostly) than just facebook names.
I'm re-opening this task for further consideration. In my opinion, the current hand-wavy "people would object" and "we can't possibly" arguments presented in this task don't hold enough weight to stand on their own.
I have a Facebook account. Brion, Nemo, Quim, Petr, Krenair, and Reedy all have Facebook accounts as well. So, very respectfully, I'm calling bullshit on the idea that you can't be both a Wikimedian and a Facebook user.
(The same is true for Google. Many Wikimedians have Gmail accounts. The Wikimedia Foundation itself switched to Google Apps several years ago, meaning that every wikimedia.org e-mail address is also a Google account, as I understand it.)
There may be good reasons to not support Facebook logins. For example, it's still not clear to me whether Facebook supports OpenID or whether Wikimedia is interested in using OpenID. However, if we decline this task, we should do so only alongside a clear and specific articulation of why this request has failed.
Given the incredibly widespread use and adoption of platforms such as Facebook and Google, at least considering allowing users to log in with them seems completely reasonable. As Petr points out, this could mitigate the need to use IP addresses. Of course the current user authentication system is hairy (CentralAuth blehhh) and it may be better to prioritize other authentication features (such as login via e-mail address and case-insensitive login), but that doesn't mean that we can't simultaneously consider this request.
I would not like the idea of using facebook to authenticate privileged users. That gives a lot of power to facebook that they could in theory abuse.
I have a Facebook account. Brion, Nemo, Quim, Petr, Krenair, and Reedy all have Facebook accounts as well.
Hey, that's outing and libel! I don't really have a Facebook account, I was forced to create one and I don't even remember the password.
That gives a lot of power to facebook that they could in theory abuse.
And it's not just theory. Look at how Google regularly abuses people authenticating to it in order to impose their favorite technologies.
Based on https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.4 it appears Facebook supports OAuth rather than OpenID.
Gee they are even on
https://en.wikipedia.org/wiki/List_of_websites_using_two-factor_authentication
but Wikipedia is not...
Oh come on... Why in the world would company like facebook ever needed to abuse some wikipedia account? I would be less surprised if someone from within foundation or some privileged volunteer abused it, rather than facebook or google.
Facebook is in the bussiness of building personalized profiles on users in order to create a personalized site experiance and better target advertisements. Abusing their login service to better do this could make financial sense for them. This is of course counter balanced by the negative press they would get if they got caught doing so (and for major abuse, like taking over a check user account, possibly also illegal).
Ultimately this would increase the surface of people we have to trust, and its really unclear how much facebook should be trusted. On the other hand maybe the benefits do outweigh the risks. Im personally somewhat doubtful of the benefits, but maybe the average user would really like it. And ill freely admit, facebook taking over someone's account is a bit tin foil hat, (although facebook collecting ips/login times to connect wikipedia pseudonyms to real names is much less tin foil hat imo. But arguably if the service is optional users are conscenting to that (albeit, debatable if its informed consent))
Does facebook even have an official policy stating they wont abuse the login feature? The clisest i could find was
We collect information when you visit or use third-party websites and apps that use our Services (like when they offer our Like button or Facebook Log In or use our measurement and advertising services). This includes information about the websites and apps you visit, your use of our Services on those websites and apps, as well as information the developer or publisher of the app or website provides to you or us.
l
On the other hand maybe the benefits do outweigh the risks.
Impossible. Allowing login via Facebook (or Google) means giving up any promise that we'll always use free software: if at some point Facebook decides that to use their credentials you have to adopt some proprietary software, and credentials of millions users are locked there, we'll be forced to surrender. On the other hand, if we don't care about those users and we'd just abandon them in such an occasion, why bother.
This is complete nonsense, I don't believe facebook management ever did officially permitted anyone to abuse login system. People are frequently giving it their private password for email servers just so that it can scan their address books. There was no evidence they ever abused that either and this is login info that actually has some value. By logging in to wikipedia you don't really get any valuable information that you can't see when logged off (except for checkuser data, which IMHO are completely priceless, IP's affiliated with wikipedia usernames... facebook has billions of IP's that are affiliated with real names already). In fact facebook collects and keeps data far more valuable than wikimedia servers, I doubt they could gain anything they already don't have. It's a large company, far bigger than WMF, likely with much more strict policies and rules. I just can't imagine their technicians doing anything like this. But I agree that having facebook login to wikipedia would be a nice ground for bunch of conspiracy theories :P
What? Using facebook as login provider means using proprietary software just as much as running WMF servers on motherboards with proprietary BIOS. If facebook decides you have to use some proprietary software to access their login system, we can just always drop it from login form.
It's interesting that this idea to enable facebook login was considered "funny", while the arguments why we shouldn't do that sound like paranoid conspiracy theories, that I am not sure if should make you laugh or cry. I am no big fan of the idea of having that facebook login thing, but I must say there was pretty much no decent argument why is that a bad idea so far.
Unless you consider "never gonna happen", "facebook gonna steal our logins and sell it to CIA", "we would have to surrender to facebook", "innocent kittens will die if we make it" or "Vlad Putin is gonna start 3rd WW if we do this" as serious opinions on this matter.
BTW I talked to some folks in my office, some of them use wikipedia occasionally and they all liked the idea. Pretty much everyone hate websites that require you to register with username and password. Having external login providers would make this extremely more simple, because as @MZMcBride said, nearly everyone has facebook with few exceptions. So why bother people with yet another login?
There should be some wider research done on this topic, WMF already employs many researchers so why not task few of them to figure out if this idea is supported by general public, especially people who do use wikipedia but are reluctant to register (anonymous editors).
So your argument is, we should trust facebook because they are a big company and big companies don't do evil things because they are big?
I think you misrepresent nemo's argument. A key point was that if users depend on facebook login, we cant simply turn it off because those users wont be able to login without it as they are using that to authenticate
And how do peple log in. Either such users have an alternate means of authenticating themselves, in which case what's the point in the first place, or there is no way to access the converted accounts.
Ancedotally, that is interesting. Although i wonder why such users would want to login in the first place instead of being an anon.
Because being logged in is better than being anon?
You don't disclose your IP address and you get your edits attributed to your account, people know who you are and can talk to you on your own talk page?
It's just that people hate to invent silly password and shit around that.
If Facebook, Google, etc, offer third-party login it's because it helps their business. How exactly I don't know (I searched, URLs welcome). A very small group of big corps are fighting for this marketshare, so I guess there are good business reasons behind that.
If Wikimedia offers these third-party logins, we will endorse these companies and we will contribute to their business. I'd rather keep our distance and neutrality.
Not necessarily.
You don't disclose your IP address and you get your edits attributed to your account
I have yet to see scientific research demonstrating a large-scale harm of IP addresses exposure (if you find one, please please add to https://www.mediawiki.org/wiki/Requests_for_comment/Exposure_of_user_IP_addresses , I'm very interested); on the other hand, we know for sure that Facebook uses all sorts of private data for all sorts of evil things and they'd certainly welcome being sent precious profiling information on wiki interests of their users without even having to look for it.
I'd avoid the privacy arguments in this discussion, let's stick to the technical arguments which we have solid information about, like T61631#1465053. Is there an external authentication system/platform which guarantees perpetual respect of our commitment to free software?
As for the reasoning there are a few, pointing people to their Facebook/Google accounts means eventually that will leak the information people are using Wikipedia and maybe even leak the actions they are doing on the site. I dont think it is a good privacy wise.
Adding support for different third parties authentication systems would lead to a few interesting problems:
I am declining this task again and please stop reopening it. If you really want to bring up the topic on table again please do so on mailing lists such as wikimedia-l or wikitech-l. If this task get reopen I will just ask for technical means to enforce it being closed.
Thank you
That would be there choice to do that
Adding support for different third parties authentication systems would lead to a few interesting problems:
- why limit to Google / Facebook? Where do you draw a line
- what happens when a third party disappear or is broken/unavailable
Then they are gone or unavailable.
- who is going to handle and maintained the related MediaWiki code
The same as every other code, Assuming we would focus on OAuth related projects.
I am declining this task again and please stop reopening it. If you really want to bring up the topic on table again please do so on mailing lists such as wikimedia-l or wikitech-l.
It has been opened since Jul 2015 (~7 months) and only declined twice previous to yours just then.
If this task get reopen I will just ask for technical means to enforce it being closed.
Don't be a dick much?
Please keep Phabricator a respectful place and stick to the Etiquette.
@Peachey88: Could you bring up this topic on mailing lists for broader input, as proposed by Hashar?
Don't be a dick much?
Yeah that looks like a great argument. Here is mine:
Does that look like a stronger argument?
I am really just teasing you @Peachey88. Please keep this task closed. As I instructed, bring the subject to a mailing list for further discussion which is a much better way to argue for/against a feature proposal
This argument is incoherent to me. MediaWiki wikis already "leak the actions" that a user is doing on a site. That's the whole point of having public logs and revision histories. If a user wants to give his or her information to Facebook or Google and then re-use that login, how is that a privacy concern? When you say "leak the information people are using Wikipedia", what does that mean specifically and why would it matter here?
Adding support for different third parties authentication systems would lead to a few interesting problems:
- why limit to Google / Facebook? Where do you draw a line
Over a billion users?
- what happens when a third party disappear or is broken/unavailable
It depends on what type of authentication system we set up.
- who is going to handle and maintained the related MediaWiki code
How is this an interesting problem? Maintenance cost is attached to every line of code and feature ever.
I am declining this task again and please stop reopening it. If you really want to bring up the topic on table again please do so on mailing lists such as wikimedia-l or wikitech-l. If this task get reopen I will just ask for technical means to enforce it being closed.
If you want to start a discussion on a mailing list, feel free. If you don't want to be subscribed to this task, you can unsubscribe yourself.
Before touching the status of this task again, you should read and respond to the many valid points raised here. Your replies at T61631#2057649 and T61631#2054992 do not do that.
@MZMcBride please keep this task closed. If you really want to bring it up again please raise the subject on the mailling lists such as wikimedia-l or wikitech-l.
Can you explain how Phabricator is an inappropriate forum? We regularly use Phabricator to draft requests for comment and to discuss feature requests and bug reports. Why are you insisting on closing this task?
Facebook allegedly has over a billion users. It collects and stores an enormous amount of personal and private information about its users. Are you seriously suggesting that theoretical access to Wikipedia accounts would give Facebook "a lot of power"? This argument is insane.
My guess is that we if implement T30085: RFC: Allow user login with email address in addition to username, this bug will become mostly moot. We'll end up with users authenticating using the same e-mail address and password on Wikipedia that they use on Facebook and with Gmail.
There are 20 people subscribed to this task. Given the topic feels RfC'ish and welcomes more input, wikitech-l@ sounds like an appropriate venue (with way more subscribed people) to bring this up.
By RfC I assume you mean https://meta.wikimedia.org/wiki/RfC ? This is not a technical issue, but a "political" one.
Nah, I meant https://www.mediawiki.org/wiki/Requests_for_comment or TechCom-RFC. Here's an example task that's being used as a drafting space for an RFC (instead of using the wiki): T119043.
Sure, you or hashar or anyone else are free to start a discussion on a mailing list if you think that would be helpful/beneficial.
I respectfully note that allowing using my_email_address@example.com
to login too (which although makes perfect sense) does not bring us
anywhere closer to allowing the user to click on his friendly
familiar "f" logo, which is what I want. P.S., I don't subscribe to
those mailing lists.
Lets take a step back here.
There are 3 ways of interpreting this bug:
[ I don't think this bug should remain open at lowest priority. Lowest priority implies it would be possible to make a patch that would be accepted, just that nobody cares enough to do it. I don't think that describes this bug]
@MZMcBride: You seem to be interested in keeping this task opened. So you are in a way better position to faciliate discussion and provide your arguments to a broader audience. The ball is in your court.
Phabricator Maniphest is a fine place to discuss the technical implementation and any potential blockers/impediments. As I said previously, there may be valid reasons to decline this task, but so far the reasoning has been almost exclusively "I don't like/trust Facebook" and that seems wrong to me.
More recently the argument has gotten even more bizarre and people like @hashar won't even discuss the merits of this task. Instead, he just keeps shouting "wrong venue!" and trying to stifle discussion here. That's pretty shady behavior.
If nothing else, it would be nice to expand the task description with a list of pros and cons regarding this proposal for future readers.
Regarding this proposal being contentious, what evidence do you have to support this claim? You have a Facebook account. I have a Facebook account. Andre has a Facebook account. Thousands of Wikipedia users have Facebook accounts (cf. https://en.wikipedia.org/w/index.php?title=Special:Search&profile=advanced&profile=advanced&fulltext=Search&search="facebook+profile"&ns2=1).
You know if you post on a local wiki village pump, you get told to file a task in Phabricator Maniphest. If you post to a mailing list, you get told to file a task in Phabricator Maniphest. If you file a task in Phabricator Maniphest, you get told to post to a mailing list? Stop giving people the run-around, it's very rude.
Phabricator Maniphest has a subscription feature for anyone interested in following this task to receive e-mail updates. If you think broader discussion is warranted/needed, you can post about this idea wherever you'd like. It is absolutely not my responsibility to adhere to your arbitrary demands for wider participation.
[offtopic]
Indeed, if you post on a mailing list or a local village pump and have a specific, well-defined, non-controversial issue, you hopefully get told to file a task in Maniphest. If there are more complex (technical or social) aspects to sort out first, a Maniphest task might welcome a related mailing list discussion or even an RfC. I'm sure you're well aware of this and understand which venues provide which purposes.
I'm marking this as declined because it isn't worth warring over. The arguments against doing this continue to be ridiculously weak and are largely driven by attempts to harmfully and needlessly spread fear, uncertainty, and doubt.
The idea that Maniphest is not used—and should not be used—to capture complex technical tasks, even those that include social components, is demonstrably false.
I think there were two issues that were conflated into one in this task: 1) Should Wikimedia support using any external services for authentication (e.g. OpenID, OAuth, Persona), and 2) Should we support Facebook as one of those mechanisms, possibly via an open standard.
Some people here are against #1, and others are only against #2. In any case, I agree that there was way too much FUD in this discussion. Facebook isn't going to compromise checkuser accounts, we (now) have a robust authentication system that allows lowering user's permissions depending what authentication method they use (OAuth, BotPasswords), we'd obviously apply the same treatment to external providers.