Passwordless Logins
moved from deprecated page MiscProposals -- ThiloPfennig 2006-11-07 16:58:45
I often deploy MoinMoin internally within companies, often companies where we have endless networking systems we have to log into, all with various passwords. Requiring passwords for Moinmoin greatless weakens the promise of "frictionless" use.
At the same time, new users often forget to log in at all.
For most of my deployments, I would want to see anonymous editing create a reminder to log in, but logging in not require any kind of password. I have seen hints here and there that somehow not requiring passwords allows masquereding and this is unacceptable, but isn't the local administrator capable of determining whether masquerading is a larger problem than an obstacle to use and adoption? In my case, I'm sure that it is.
I have hand-hacked moinmoin (also TWiki) to accept no-passwords or blank passwords at times, but over time most wikis seem to move towards password-required operation which greatly decreases the value of Wikis for many purposes. Maintaining a private branch is not a job I care to undertake.
If I were to submit a passwords-optional patch, would it be accepted? --JoshuaRodman
(...)A problem with that would be that this needs to be configurable, but even then there is a problem: if you allowed empty passwords, you can't easy go back and require them again (at least not with some additional code handling this). -- ThomasWaldmann 2005-03-17 08:11:32
I guess I think ideally a wiki is so simple and transparent that you can AdministerByHand if you have to. I would imagine that creating and initializing the database of hashed or stored passwords would be a 5 minute hack in python at worst. At least, that's what I'd hope it to be. This doesn't address "security" concerns of how do users safely choose independent passwords that are unique to the wiki, but if you choose passwordless you obviously aren't worried about this to start. No matter what I think such a transition requires explicit communication from admin to users, and any number of solutions are possible at that time.-- JoshuaRodman 2005-04-10