Wikivoyage:Two-factor authentication
|
This is a draft page. What is conveyed here is merely an informative guide on 2FA with the context of the English Wikivoyage and is not a policy or guideline. |
Two-factor authentication (2FA) is a security method that requires users to verify their identity through two distinct steps before accessing their Wikimedia account. It combines a user's password and with something they have physically (such as a code sent to a mobile phone or browser). This second layer makes it much harder for unauthorised individuals to access accounts, even if they guess the password, thus improving account security.
This page does not cover the process of implementing 2FA – see the relevant pages on Meta-Wiki or the English Wikipedia for how to implement 2FA. Rather, it aims to cover what it is and more enwikivoyage-specific nuances of 2FA that neither the Meta-Wiki nor the English Wikipedia pages cover.
Most users will not have the means to enable 2FA. On the English Wikivoyage, users in the following groups can enable 2FA using Special:Preferences:
Checkusers, importers, suppressors (oversighters) and transwiki importers also have the ability to enable 2FA, though the English Wikivoyage has no users that fall into any of these user groups. Users in certain global groups may also implement 2FA, including abuse filter helpers, abuse filter maintainers, global interface editors, global rollbackers, global sysops, stewards and VRT permission agents. However, if you fall into any of these global groups, you are much better off implementing 2FA on Meta-Wiki.
2FA is global, but you will need to have the relevant permission to enable it for a certain wiki. For example, if you lack any of the above 4 permissions that allow you to enable 2FA but are an administrator on the French Wikibooks, you will need enable 2FA through the French Wikibooks, not here.
Users who don't fall into any group that allows you to enable 2FA on any wiki may request for 2FA tester permissions on Meta-Wiki at Steward requests/Global permissions. You must also confirm that you have read m:Help:2FA before a steward will grant the perms. Once granted, you will be able to enable 2FA via m:Special:Preferences on Meta-Wiki (not here).
Although it is encouraged to enable 2FA to maximise account security for advanced rights holders, it is not required for most permissions, including sysop and bureaucrat. The sole exception to this is interface administrators, who are mandated to enable 2FA as per WMF policy. There are other global groups and permissions on Meta-Wiki that also mandate 2FA, but this is outside the scope of the English Wikivoyage.