https://bugzilla.wikimedia.org/show_bug.cgi?id=42131
Ryan Lane <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX --- Comment #4 from Ryan Lane <[email protected]> 2012-11-16 20:36:56 UTC --- I'm marking this WONTFIX: Challenge/response is the proper way of handling this, as you shouldn't let an attacker know if two-factor is enabled unless the user logs in with the proper username/password. MediaWiki core has no support for challenge/response. This isn't really a bug with labsconsole. If you'd like to see this fixed, open two bugs: 1. A bug in mediawiki core for challenge/response 2. A bug in extension OATHAuth to use the core support -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
