Huji added a comment.
In T282624#7083372 <https://phabricator.wikimedia.org/T282624#7083372>, @Krd wrote: > The current requirement is that one has to have 2fa enabled at the time when IA rights are applied, but there is neither a policy (is it?) nor a technical reason not to disable 2fa at any time later. Will stewards review or monitor this in any way? > A more simple approach from the bureaucratic point of view would be to technically check the 2fa status by the software at the time the group rights are to be used, so that IA (or say CU) features can only be used when 2fa is enabled at that time. This of course would require a software change, but it appears to be a much more reasonable and flexible way to me. Indeed, if we implement this feature and leave the assignment/revocation of right to local 'crats, would that not solve the all issues discussed above? 'crats would not need to check 2FA status, a user who gets the access and then turns off 2FA will not be able to use this feature and therefore pose risk, and communities would not have to do much differently. We just have to notify the communities that IAs who don't have 2FA will need to enable it. I need 2FA (and the specific implementation of it used on WMF) has some haters, but I think this is a low-cost solution that can be more easily justified than a complete overhaul of the process. TASK DETAIL https://phabricator.wikimedia.org/T282624 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Huji Cc: Huji, Jeeputer, SpartacksCompatriot, alaa, MBq, Raymond, Funkruf, XenonX3, Darmo117, zhuyifei1999, Billinghurst, FriedrickMILBarbarossa, DonTrung, Meirae, Teles, Rubin16, TheDJ, Risker, 4nn1l2, MGChecker, Krd, MF-Warburg, MBH, Bebiezaza, Krenair, Acagastya, IKhitron, Iniquity, Urbanecm, Leaderboard, Minorax, Majavah, Proc, stjn, SilkTork, Johan, Quiddity, Amorymeltzer, Asartea, TheSandDoctor, CptViraj, DannyS712, Bugreporter, Jack_Frost, Xaosflux, SQL, Zabe, AntiCompositeNumber, Jack_who_built_the_house, suffusion_of_yellow, GeneralNotability, Rschen7754, Izno, Stanglavine, Tks4Fish, Cosine02, Aklapper, jrbs, Invadibot, LaMagiaaa, SHISHIR_DUA, Delete1111, R4356th, EhsanKhandowa, RuiyuShen, maantietaja, Muchiri124, CBogen, Isaacandy, Carn, Akuckartz, Demian, Sebleouf, Joye_Zhang, PatsagornY, Dibya, VulpesVulpes825, Lepticed7, Sunny00217, Viztor, 94rain, Nandana, Hamishcn, Awangba_Mangang, Jony, Naturista2018, Vesihiisi, Lahi, Gq86, Ramsey-WMF, BJ6123C7BTD, Anooprao, Tommy_Kronkvist, JamieTubers, Bsandipan, Nahid, GoranSMilovanovic, SPoore, lisong, Jayprakash12345, Chicocvenancio, Allthingsgo, QZanden, Kaartic, Kizule, LawExplorer, JJMC89, patilise, Devwaker, Oriciu, Niklitov, Poyekhali, _jensen, rosalieper, Pamputt, Tegel, Valepert, Taiwania_Justo, RuyP, JEumerus, Scott_WUaS, Cirdan, Ananthsubray, Superzerocool, Ixocactus, Tulsi_Bhagat, Taketa, Thibaut120094, Matiia, Einsbor, Psychoslave, Wong128hk, Luke081515, Fuzheado, SimmeD, Bsadowski1, Mardetanha, VIGNERON, Barras, Arash.pt, Cwek, Wikidata-bugs, Superyetkin, Snowolf, Savh, Base, aude, Pmlineditor, Dcljr, Vriullop, NahidSultan, El_Grafo, Dinoguy1000, DerHexer, Shanmugamp7, Trijnstel, PeterBowman, Shizhao, matej_suchanek, Melos, Jalexander, Sjoerddebruin, Stryn, Addshore, Steinsplitter, Matanya, Mbch331, Liuxinyu970226, Jay8g, Ltrlg, Glaisher, Keegan
_______________________________________________ Wikidata-bugs mailing list -- wikidata-bugs@lists.wikimedia.org To unsubscribe send an email to wikidata-bugs-le...@lists.wikimedia.org