Looks like an interesting idea. The MediaWiki extension needs some work though so I'll fork that and work on it today.
On Mon, Oct 17, 2011 at 10:51 PM, <[email protected]> wrote: > I originally posted this idea on G+ and Arthur Richards suggested I > cross-post it here. My friend, Isaac Potoczny-Jones is a computer security > professional. He developed a new authentication schema that layers on top > of existing technologies and leverages a user's smartphone and QRCodes to > improve authentication usability, eliminate human-generated passwords, and > further improve security by separating the authentication channel from the > login session. He's calling this capability "Animate Login" and as part of > the proof of concept, he developed a MediaWiki implementation. I believe > the Wikimedia foundation should pursue adding this technique as part of the > primary login options for it's projects. I would personally love to be able > to just point my phone at the login screen and have the system log me in to > Wikipedia without having to type anything or remember complex passwords. > Wikimedia has worked hard to consolidate logins across the many projects > over the last couple years and this would be a great way of providing > seamless login. It should be very low overhead and relatively easy to > implement. Isaac is very interested in seeing his tool put to use on > Wikipedia. Wikimedia could lead the way to improved authentication that > also vastly improves the user experience! > > Isaac explains the project in some detail on this Google Plus post: > https://plus.google.com/u/0/112702172838704084335/posts/B9UR2zzDY3f?hl=en > > His landing page for the project is here: > http://animate-innovations.com/content/animate-login > > The website has videos, links to a MediaWiki instance where its in use and > more. > > From the conversations I've had with him, I know that he has thought long > and hard about this application and has sought to address/understand all of > the potential attack vectors. Compared to human-generated passwords, this > would be vastly more secure and dramatically improve the user experience of > logging in. It might even entice new or old editors to login and give it a > try and thus re-engage them in editing. I'm also certain it could generate > a fair bit of buzz as people learn they can use their smartphone to login to > Wikipedia. > > I hope you'll consider working with Isaac. I'll point him to this thread > so he knows it is here. I know he'd love to see this implemented in > Wikipedia. > > Don > > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > -- John _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
