Release status: experimental
|Author(s)||Florian Schmidt (Florianschmidtwelzowtalk)|
|Translate the PasswordlessLogin extension if it is available at translatewiki.net|
|Check usage and version matrix.|
|Issues||Open tasks · Report a bug|
The Passwordless Login extension is an experimental extension that was created during the Wikimedia Hackathon 2019 in Prague. It allows an user to login to their user account on a MediaWiki site without entering their password anymore. Instead they can confirm that they want to login with their previously paired smartphone.
The login mechanism can be considered secure as long as the MediaWiki site where the user wants to login is accessible by https only. There's task T224049 which, if implemented, requires the user of https at all.
- Download and place the file(s) in a directory called
- Add the following code at the bottom of your LocalSettings.php:
wfLoadExtension( 'PasswordlessLogin' );
- Run the update script which will automatically create the necessary database tables that this extension needs.
- Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.
To users running MediaWiki 1.24 or earlier:
The instructions above describe the new way of installing this extension using
wfLoadExtension(). If you need to install this extension on these earlier versions (MediaWiki 1.24 and earlier), instead of
wfLoadExtension( 'PasswordlessLogin' );, you need to use:
- PLFirebaseAccessToken: The access token you can retrieve from your Firebase project under the settings. This access token is used to be able to send messages to an Android device to verify the login.
This extension requires a second factor in order to work. There's an Android app, which implements the counterpart of this extension. The app is published on the Google Play Store. However, you can also build it yourself from the sources.
The Android app, which is built from these sources, does not save any personal related information or communicates with any service except the MediaWiki sites you connect this app with. The app will communicate with the Firebase Cloud Messaging service in order to generate a unique ID, with which a single device can be identified. This ID is transmitted to the MediaWiki sites you register within the app and will be saved on the servers hosting this site. The ID is used to create a login prompt when you login on one of the registered MediaWiki sites.