Hi Last week the MediaWiki Platform team completed the roll out of SUL3 [0] to all users on all wikis. This is a significant milestone in the evolution of Single User Login [1], the system that lets users login on one Wikimedia site and be automatically logged in across all.
SUL3 moves all login and account creation to a central domain [2], but is designed to fully replicate the existing authentication experience, including all per-wiki customisation. The primary driver for this change was to ensure login to Wikimedia sites remains compatible with increasing browser restrictions on cross-domain cookies, which are aimed at preventing cross-site tracking, but have prevented users of some browsers from staying logged in. SUL3 also improves account security by increasing protections against cross-site scripting (XSS) and limiting authentication workflows to run on a single domain. This single domain also provides a better experience for people using password managers and will enable future work to improve support for WebAuthn. Thank you to the volunteers who’ve helped us to shape these changes through your comments, testing, bug reports and contributions. Best Jonathan [0] https://www.mediawiki.org/wiki/MediaWiki_Platform_Team/SUL3 [1] https://meta.wikimedia.org/wiki/Help:Unified_login [2] https://auth.wikimedia.org -- Jonathan Tweed (he/him) Senior Product Manager, Core Platform Wikimedia Foundation _______________________________________________ Wikitech-l mailing list -- wikitech-l@lists.wikimedia.org To unsubscribe send an email to wikitech-l-le...@lists.wikimedia.org https://lists.wikimedia.org/postorius/lists/wikitech-l.lists.wikimedia.org/
