Community Wishlist Survey 2017/Miscellaneous/2 factor authentication for all

From Meta, a Wikimedia project coordination wiki
Jump to navigation Jump to search
Random proposal◄ Miscellaneous

2 factor authentication for all

  • Problem: Currently 2 factor authentication is by default only available to users with elevated user rights, like sysops. This is due to multiple unsolved usability problems that caution us
  • Who would benefit: Registered users
  • Proposed solution: Solve the usability options and improve account recovery process.
  • More comments:


  • Personally I don't forsee this happening, allowing anyone to enable 2fa could cause operations having to reset forgotten 2fa credentials constantly, for example if someone were to lose their scratch codes (which I've done before on wikitech) its a task that while may not to be hard, would get annoying and cause a lot of potiental extra work for the already busy operations team Zppix (talk) 17:40, 8 November 2017 (UTC)Reply[reply]
    • Solving this, would indeed require that ops people are no longer required for a reset, simply because there is no UI to modify this part of the database. When you reset is rules that we will have to define. We could have a group with checkuser abilities for that for instance. Or require at least email verification + password verification, or submitting evidence to OTRS. There's options. —TheDJ (talkcontribs) 08:11, 9 November 2017 (UTC)Reply[reply]
  • I do support this, though it should be optional and not mandatory. --Donald Trung (Talk 🤳🏻) (My global lock 🔒) (My global unlock 🔓) 10:08, 29 November 2017 (UTC)Reply[reply]
  • This can be solved for some of the users by using proofs like in Keybase. Probably several systems should be used to revoke a 2-factor authentication setup, but I'm not sure how this should be done. Only thing I do know; don't rely on SMS alone for a revoke! — Jeblad 23:50, 10 December 2017 (UTC)Reply[reply]