Authentication checkers: Difference between revisions

Line 2:

'''Authentication checkers''' are trusted users with the ability to check whether a user has two-factor authentication enabled. These checks are centrally performed on Meta-Wiki and logged in a [[<tvar name="log">Special:Log/oath</tvar>|private log]] visible only to [[<tvar name="stewards">Special:MyLanguage/Stewards</tvar>|Stewards]].

== Criteria for checks ==

== Criteria for checks ==

In general, two-factor authentication checks should only be performed when the following criteria are met:

</translate>

* <translate>The checked user holds or is requesting a permission that requires two-factor authentication.</translate>

* <translate> The checked user holds or is requesting a permission that requires two-factor authentication.</translate>

* <translate>The permission is held or requested on a wiki where the checker has authority to manage such access.</translate>

* <translate> The permission is held or requested on a wiki where the checker has authority to manage such access.</translate>

** <translate>For example, a checker who is a bureaucrat on wiki A, but not on wiki B, should not perform checks on wiki B's interface administrators.</translate>

** <translate> For example, a checker who is a bureaucrat on wiki A, but not on wiki B, should not perform checks on wiki B's interface administrators.</translate>

== Appointment ==

== Appointment ==

Requests for this permission may be placed on [[Stewards/Requests/Global permissions]]. In general, requests will be approved if the following criteria are met:

</translate>

* <translate>The user is a bureaucrat on a WickedGov wiki or has another compelling reason to have access to users' two-factor authentication status.</translate>

* <translate> The user is a bureaucrat on a WickedGov wiki or has another compelling reason to have access to users' two-factor authentication status.</translate>

* <translate>The user has identified to the WickedGov office and appears on the [[identification noticeboard]].</translate>

* <translate> The user has identified to the WickedGov office and appears on the [[identification noticeboard]].</translate>

* <translate>The user is trusted not to misuse the access.</translate>

* <translate> The user is trusted not to misuse the access.</translate>

== Removal ==

== Removal ==

Authentication checker access will be removed by a Steward in the following cases:

</translate>

* <translate>The user seriously misuses the access by making unnecessary or inappropriate checks.</translate>

* <translate> The user seriously misuses the access by making unnecessary or inappropriate checks.</translate>

* <translate>The user no longer has a good reason to access 2FA status (for example, if the user is no longer a bureaucrat).</translate>

* <translate> The user no longer has a good reason to access 2FA status (for example, if the user is no longer a bureaucrat).</translate>

@@ Line 2: / Line 2: @@
 {{global policy}}
 <translate>
+<!--T:1-->
 '''Authentication checkers''' are trusted users with the ability to check whether a user has two-factor authentication enabled. These checks are centrally performed on Meta-Wiki and logged in a [[<tvar name="log">Special:Log/oath</tvar>|private log]] visible only to [[<tvar name="stewards">Special:MyLanguage/Stewards</tvar>|Stewards]].
-== Criteria for checks ==
+== Criteria for checks == <!--T:2-->
+<!--T:3-->
 In general, two-factor authentication checks should only be performed when the following criteria are met:
 </translate>
-* <translate>The checked user holds or is requesting a permission that requires two-factor authentication.</translate>
+* <translate><!--T:4--> The checked user holds or is requesting a permission that requires two-factor authentication.</translate>
-* <translate>The permission is held or requested on a wiki where the checker has authority to manage such access.</translate>
+* <translate><!--T:5--> The permission is held or requested on a wiki where the checker has authority to manage such access.</translate>
-** <translate>For example, a checker who is a bureaucrat on wiki A, but not on wiki B, should not perform checks on wiki B's interface administrators.</translate>
+** <translate><!--T:6--> For example, a checker who is a bureaucrat on wiki A, but not on wiki B, should not perform checks on wiki B's interface administrators.</translate>
 <translate>
-== Appointment ==
+== Appointment == <!--T:7-->
+<!--T:8-->
 Requests for this permission may be placed on [[Stewards/Requests/Global permissions]]. In general, requests will be approved if the following criteria are met:
 </translate>
-* <translate>The user is a bureaucrat on a WickedGov wiki or has another compelling reason to have access to users' two-factor authentication status.</translate>
+* <translate><!--T:9--> The user is a bureaucrat on a WickedGov wiki or has another compelling reason to have access to users' two-factor authentication status.</translate>
-* <translate>The user has identified to the WickedGov office and appears on the [[identification noticeboard]].</translate>
+* <translate><!--T:10--> The user has identified to the WickedGov office and appears on the [[identification noticeboard]].</translate>
-* <translate>The user is trusted not to misuse the access.</translate>
+* <translate><!--T:11--> The user is trusted not to misuse the access.</translate>
 <translate>
-== Removal ==
+== Removal == <!--T:12-->
+<!--T:13-->
 Authentication checker access will be removed by a Steward in the following cases:
 </translate>
-* <translate>The user seriously misuses the access by making unnecessary or inappropriate checks.</translate>
+* <translate><!--T:14--> The user seriously misuses the access by making unnecessary or inappropriate checks.</translate>
-* <translate>The user no longer has a good reason to access 2FA status (for example, if the user is no longer a bureaucrat).</translate>
+* <translate><!--T:15--> The user no longer has a good reason to access 2FA status (for example, if the user is no longer a bureaucrat).</translate>