There is no need to store phone number at all.
You need to install an app called "Google Authenticator" or similar ones.
Then you scan a QR code from a special page in Wikipedia. Then every time
you want to login, you need to give username, password and a short-lived
token the app gives you. See
I believe you can find some 2FA application that isn't affiliated with Google
(actually Google Authenticator app doesn't require Google account to be linked.
Tested on iOS and Android.)
Also, some desktop application (i.e. 1Password*) is 2FA compatible.
* Not Free/Open Source Software.
+1 to what Craig wrote: two-factor authentication, with a key stored in an
authenticator application (which eliminates the problem of revealing the
phone number), would definitely be a great thing - and we could make it
opt-in, except for higher level functionaries.
On Sat, Nov
A fully enumerated list of "cons" would be an important place to start.
Wikimedians and WMF have long promoted the existence of stuff like the
"Congress edits" Twitter account, which reports account-less edits from
Capitol Hill. We often block high school IP addresses at certain times in
Honestly I cannot find pros since it's a free choice to edit without
logging, so it's not up to me to find them :D if it would depend solely on
me this thread would even exist ;)
Meanwhile I weigh in the biggest con: the inability to use rangeblocks and
an unacceptable weakening of our ability
Actually I consider to be sensitive the Google account linked to my mobile
also lots of people might have no compatible devices.
2016-11-12 15:30 GMT+01:00 Amir Ladsgroup :
> There is no need to store phone number at all.
> You need to install an app called
The biggest privacy problem in Wikipedia has always been the permanent
public exposure of casual editors' IP addresses.
Secondarily, we store logged-in editors' IP addresses for a limited time,
exposing all editors' IP addresses to access by staff and volunteer
accounts which could be stolen or
While it is tempting to start with cons, I think for most of the community
members, the question will be: 'what alternatives are there to accomplish
more or less the same' with regards to fighting vandalism and sockpuppetry.
And answering that question would start with describing how we actually
>Do any of the volunteers contributing to this list have ideas for
>changes that may make a significant difference to security?
When you log in, you're given a user session. This session, along with
local Web browser HTTP cookies, allows you to stay logged in and
authenticated as you
In addition, we'd be making significantly more difficult the detection and
mitigation of abusive anonymous editing. Currently, when someone edits as
an IP, gets blocked, resets their router, and changes the last octet, we
can easily tell they're socking around a block. And to mitigate that, we
I know it's been said many times, but two-factor authentication, mandatory
for accounts with advanced privileges and optionally available for everyone
else, would seem to be a logical step. It's not foolproof, but it would go
a long way to making us less of a soft target.
As far as I know 2FA is already implemented and mandatory for WMF staff
accounts and wikitech accounts. https://phabricator.wikimedia.org/T107605
I emphasized having 2FA for CUs, oversights and others with private data
Not sure what's
My phone number is something I consider highly sensitive. Linking this kind
of data to my online identity would be an unacceptable risk for me.
2016-11-12 13:37 GMT+01:00 Amir Ladsgroup :
> As far as I know 2FA is already implemented and mandatory for WMF staff