Talk:Requests for comment/Login security

Archive
There is a discussion about this RfC on wikitech-l starting on August 23, 2013 (gmane).

Policy-based rules
The code to implement the current plan of record was somewhat hacky, and I think the entire process, and what is encrypted or not could be much more clearly understood (and implemented) as a set of policies around the 4 areas (anonymous browsing, user login, logged-in browsing, sensitive activities) where we can use HTTPS.

For each area, we could define a site policy which specifies if https is required, recommended (defaults to https, but user pref can override), or unspecified. At the 2 where we have an identified user, we can have a user preference to allow the user to specify their choice for when the site policy only recommends or doesn't specify. For the 2 areas where we deal with anonymous users, we could allow a way for the anonymous visitor to specify a preference with a cookie, possibly. —The preceding unsigned comment was added by 50.136.243.106 (talk • contribs) 03:04, Aug 25, 2013 (UTC)
 * I find it interesting that so many folks are talking about cookies at the same time as talking about login security. I don't think I'm unique in wiping cookies when shutting down a browser, and people who have multiple "computers" (including smartphones, tablets, laptops and desktops) won't gain any benefit if preferences are cookie-based, since they'll have to be set on all that different equipment. Risker (talk) 02:41, 27 August 2013 (UTC)
 * The problem is that per-user preferences stored in MediaWiki's database can't apply before you're logged in, or to the current login form itself, since the system can't know who you are until after you log in. So for non-logged-in users things either have to apply to everyone or there has to be some mechanism to indicate these preferences without being logged in, for which the usual solution is cookies (in fact, being logged in on MediaWiki also uses cookies). Anomie (talk) 15:02, 27 August 2013 (UTC)
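The policy model proposed in the opening comment (a site policy of required / recommended / unspecified per area, overridable by a logged-in preference or an anonymous cookie), together with Anomie's point that a database-stored preference cannot apply before login, can be written down as one resolution function. The following is an added illustration for this thread, not MediaWiki code; the area names, the `Policy` values and the sample site configuration are assumptions chosen to match the four areas named above.

```python
from enum import Enum
from typing import Dict, Optional

# Site-level policy for a given area, as proposed in the opening comment.
class Policy(Enum):
    REQUIRED = "required"          # always HTTPS, no override possible
    RECOMMENDED = "recommended"    # HTTPS by default, preference may override
    UNSPECIFIED = "unspecified"    # HTTP by default, preference may override

# Areas where no identified user exists yet: only a cookie can carry a choice.
ANON_AREAS = frozenset({"anonymous_browsing", "user_login"})
# Areas where the user is known: the stored user preference applies.
USER_AREAS = frozenset({"logged_in_browsing", "sensitive_activities"})

# Constructed sample site configuration (hypothetical values, not a real wiki's).
SAMPLE_SITE_POLICY: Dict[str, Policy] = {
    "anonymous_browsing": Policy.UNSPECIFIED,
    "user_login": Policy.RECOMMENDED,
    "logged_in_browsing": Policy.RECOMMENDED,
    "sensitive_activities": Policy.REQUIRED,
}


def resolve_https(area: str,
                  site_policy: Dict[str, Policy],
                  user_pref: Optional[bool] = None,
                  cookie_pref: Optional[bool] = None) -> bool:
    """Return True if the request for `area` should be served over HTTPS.

    user_pref   -- the logged-in user's stored preference (None = unset)
    cookie_pref -- the anonymous visitor's cookie preference (None = unset)
    """
    if area not in site_policy:
        raise ValueError(f"unknown area: {area}")
    policy = site_policy[area]

    # "required" is a hard floor: no preference of either kind can weaken it.
    if policy is Policy.REQUIRED:
        return True

    # Pick the only preference source that can exist for this area. Before
    # login the server does not know who the visitor is, so a database
    # preference is unavailable there even if the caller passes one.
    if area in USER_AREAS:
        pref = user_pref
    elif area in ANON_AREAS:
        pref = cookie_pref
    else:
        raise ValueError(f"area {area} is in no known group")

    if pref is not None:
        return pref

    # No preference set: "recommended" falls back to HTTPS, "unspecified" to HTTP.
    return policy is Policy.RECOMMENDED


def resolve_all(site_policy: Dict[str, Policy],
                user_pref: Optional[bool] = None,
                cookie_pref: Optional[bool] = None) -> Dict[str, bool]:
    """Resolve every configured area at once, e.g. to render a status table."""
    return {area: resolve_https(area, site_policy, user_pref, cookie_pref)
            for area in site_policy}


if __name__ == "__main__":
    # A logged-in user who opted out of HTTPS; the cookie is unset.
    for area, https in resolve_all(SAMPLE_SITE_POLICY, user_pref=False).items():
        print(f"{area:22s} -> {'https' if https else 'http'}")
```

Running the block shows the asymmetry Anomie describes: the opt-out preference lowers `logged_in_browsing` to HTTP, `sensitive_activities` stays on HTTPS because the site policy is `required`, and `user_login` still gets HTTPS because the stored preference is invisible there and the `recommended` default applies. Risker's objection shows up as the `cookie_pref` argument, which has to be supplied per browser rather than per account.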