https://bugzilla.wikimedia.org/show_bug.cgi?id=53195
Web browser: ---
Bug ID: 53195
Summary: OATH token input should be on a separate page
Product: MediaWiki extensions
Version: master
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: OATHAuth
Assignee: [email protected]
Reporter: [email protected]
Classification: Unclassified
Mobile Platform: ---
Having the input on the login page makes it confusing to users since most don't
even know what two factor authentication is. I'm willing to bet more than one
person will try and type their password into it.
Basically there should be a configuration option like in
Extension:TwoFactorAuthentication that allows moving the token input to a
different page (like how Google, Facebook, etc. does it) and the user only sees
it if they have it enabled for their account.
Note that in Extension:TwoFactoryAuthentication, this is done in a ambivalent
method that doesn't reveal if you got the password or the token wrong. In other
words, if you type an incorrect password, it still takes you to the token page.
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
