I’ve just released OATHAuth 0.1 for MediaWiki. This is an HMAC based One Time Password (HOTP) implementation providing two factor authentication. This is the same technology used for Google’s two-factor authentication.

OATHAuth is an opt-in feature that adds more security accounts in a wiki. It provides two-factor authentication, using your phone as the something you have, and your username/password as the something you know. If you are using iPhone or Android, you can use the Google Authenticator app as a client. There are also clients for most other phones and desktops; Wikipedia has a good list of clients.

If you have an account in Wikimedia Labs, you can enable two-factor authentication via the sidebar now.

As of version 0.1, OATHAuth only works when chained with LDAPAuthentication. Version 0.2 will work in a standalone manner. See the following image gallery for how it’s used:

Related posts:

1. Announcing OpenStackManager extension for MediaWiki
2. Announcing the Plotters extension for MediaWiki
3. Semi-anonymous users in MediaWiki using the LDAP Authentication extension