Wikipedia: Ordinary 2FA
2FA, or two-factor authentication is a way of adding extra security on your account. The very first “coeficiente” is your usual password that is standard for any account, the 2nd is a code retrieved from an outer device such spil a smartphone, or a program on your pc. It is conceptually similar to a keycode device you may have to use when logging into internet banking.
It is truly significant for users with advanced rights to keep their account secure. Te November , a number of Wikipedia administrators (including the co-founder, Jimbo Wales) had their accounts compromised, which were then used to vandalise the encyclopedia. Spil well spil causing widespread disruption, the affected administrators’ accounts were locked so they couldn’t do anything until it wasgoed beyond doubt they had regained control.
On the English Wikipedia, the following groups can use 2FA:
You’ll already know if you’re te one of thesis groups because you’ll have asked to be ter the group. If you don’t recognise any of thesis terms, you very likely can’t use 2FA for now. Note that users with advanced rights on other projects, including test wikis hosted by Wikimedia, can also enable 2FA from those projects.
- Download a 2FA app onto your smartphone. Some options include:
- freeOTP by Fedora (iOS, Android) – open source
- Google Authenticator (iOS, Android)
- Go to Special:OATH and go after the instructions.
- The recommended authentication method with Google Authenticator is to scan a QR code. Your browser will display a opbergruimte with a pattern, which you have to point the camera ter your smartphone towards, spil if you’re taking a picture of it. (Your phone might ask you for permission to use the camera very first). If you can’t scan the code, you can come in a secret key from the screen te to Google Authenticator, which gives you the same result.
- Merienda you’re set up, your phone will give you a verification code. Inject this into the opbergruimte at the bottom of the OATH pagina browsed to ter step Two).
- That’s it, you’re all set up. Now read “Emergency tokens : Significant, read this”.
How to log-in following setup Edit
When you now login, after injecting your password you’ll be asked for an authentication token.
- Open up the app you installed ter step 1) and you should see a numeric key.
- Type the key ter spil is (with no spaces), and you should be logged back te Because the key is time-based, it may switch while you’re doing this, te which case you’ll have to add the latest key instead. The application will normally indicate when a key is about to expire (e.g.: ter Google Authenticator, the key’s colour switches from blue to crimson).
Please note: Using a windows based client slightly decreases the effectiveness of a two-factor system – if someone has access to your PC and your password, they will still be able to loom ter
- Download WinAuth  (https://winauth.github.io/winauth/) onto your Windows PC.
- Go to Special:OATH and go after the instructions
- Inject the two-factor account name and key from the OATH screen into the program. It should demonstrate you where to waterput it.
- Come in a verification code from winauth into the OATH screen to finish the enrollment.
- That’s it, you’re all set up. Now, read “Emergency tokens : Significant, read this”.
When you set up 2FA, you’ll be given a number of emergency tokens. You can use one of thesis if you can’t use your smartphone (e.g.: if it gets violated, stolen or sold). You only get shown thesis tokens when you sign up and never again, so make a copy of them by selecting/pasting them from your browser and storing them offline (paper printout or memory stick) te a safe place. If you don’t keep thesis tokens and also have a problem using your authentication device, you will be locked out of your account!
- Each token can only be used one time – everzwijn – and it takes two of them to turn off 2FA (the very first to loom on without 2FA, and the 2nd to shut off 2FA after logging ter).
- Don’t store thesis on your smartphone – if it gets lost you won’t be able to use your phone, and you just lost the codes!
- You still need to go after good security practices. Don’t use your name, date of birth or anything demonstrable spil a password that can be guessed te a elementary dictionary attack, don’t write your password down te a place anyone else can see it, and consider whether or not it’s a good idea to loom into public terminals including schools, libraries and airports.
If you are totally locked out, regaining access to your account will be very difficult and usually involve proving your identity beyond the shadow of a doubt to one of the developers via the Phabricator system who may or may not determine to by hand disable 2FA ter the database directly. If you cannot sate thesis requirements or the developers deny your request, it is unlikely to turn 2FA off and you effectively need to perform a clean begin.