I've just finished upgrading MediaWiki on labsconsole to 1.20wmf2. My primary motivation for doing so was to enable OATHAuth, which requires 1.20.
OATHAuth is an opt-in feature that adds more security to your account. It provides two-factor authentication, using your phone as the something you have, and your username/password as the something you know. If you are using iPhone or Android, you can use the Google Authenticator app as a client. There are also clients for most other phones and desktops; Wikipedia has a good list of clients: http://en.wikipedia.org/wiki/HOTP#Tokens To use two-factor via OATH: 1. Install the client app on your phone. 2. In labsconsole sidebar, click "Manage two-factor auth". 3. Click "Enable two-factor authentication". 4. In the client application, either scan the QRCode, or enter the username/secret into your client. We only have time-based OATH implemented at this time (we'll take patches for counter based). 5. Write down your one-time scratch tokens (this is *really* important). 6. Validate your account by entering the token presented on your phone and clicking "submit". Once your token is validated, two-factor authentication will be required to log in. There's an important thing to remember when enabling two-factor: It's really, really important to write down your one-time use scratch tokens. If you don't write them down you'll be locked out of your account if you lose your phone. - Ryan _______________________________________________ Labs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/labs-l
