I originally posted this idea on G+ and Arthur Richards suggested I cross-post it here. My friend, Isaac Potoczny-Jones is a computer security professional. He developed a new authentication schema that layers on top of existing technologies and leverages a user's smartphone and QRCodes to improve authentication usability, eliminate human-generated passwords, and further improve security by separating the authentication channel from the login session. He's calling this capability "Animate Login" and as part of the proof of concept, he developed a MediaWiki implementation. I believe the Wikimedia foundation should pursue adding this technique as part of the primary login options for it's projects. I would personally love to be able to just point my phone at the login screen and have the system log me in to Wikipedia without having to type anything or remember complex passwords. Wikimedia has worked hard to consolidate logins across the many projects over the last couple years and this would be a great way of providing seamless login. It should be very low overhead and relatively easy to implement. Isaac is very interested in seeing his tool put to use on Wikipedia. Wikimedia could lead the way to improved authentication that also vastly improves the user experience!
Isaac explains the project in some detail on this Google Plus post: https://plus.google.com/u/0/112702172838704084335/posts/B9UR2zzDY3f?hl=en His landing page for the project is here: http://animate-innovations.com/content/animate-login The website has videos, links to a MediaWiki instance where its in use and more. >From the conversations I've had with him, I know that he has thought long and >hard about this application and has sought to address/understand all of the >potential attack vectors. Compared to human-generated passwords, this would >be vastly more secure and dramatically improve the user experience of logging >in. It might even entice new or old editors to login and give it a try and >thus re-engage them in editing. I'm also certain it could generate a fair bit >of buzz as people learn they can use their smartphone to login to Wikipedia. I hope you'll consider working with Isaac. I'll point him to this thread so he knows it is here. I know he'd love to see this implemented in Wikipedia. Don _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
