Manual:$wgRemoveCredentialsBlacklist

Details
List of AuthenticationRequest class names which are not removable through Special:RemoveCredentials and the removeauthenticationdata API. This is only enforced on the client level; AuthManager itself (e.g. AuthManager::allowsAuthenticationDataChange calls) is not affected. Class names are checked for exact match (not for subclasses).