Add password requirement to privileged accounts

RESOLVED FIXED in 6.2.7

Status

addons.mozilla.org Graveyard
Admin/Editor Tools
P3
normal
RESOLVED FIXED
7 years ago
2 years ago

People

(Reporter: clouserw, Assigned: ashort)

Tracking

unspecified
6.2.7
x86
Linux

Details

(Reporter)

Description

7 years ago
Browserid is rockin', but we still want to require privileged users to authenticate to AMO with a password.  If you need UI help, let us know.  Greg recently wrote a lightbox login which will also be affected here.

Privileged users here include:  Admin:*, Editors:*

Comment 1

7 years ago
Sorry, I haven't been following the latest developments with AMO and browserid. 

How does the use of browserid change the interaction of admins/editors with the privileged sections of AMO? Does logging in with browserid currently allow the same privileges as going through the standard AMO login? 

I'm guessing that since browserid uses different credentials, requiring AMO password is to prevent abuse of a logged in browserid session.
(Reporter)

Comment 2

7 years ago
browserid is going to be equivalent to our current authentication.

We're adding password auth for privileged accounts as a secondary auth.  This was talked about with mcoates and yboily via email a bit.
(Reporter)

Updated

7 years ago
Target Milestone: 6.2.3 → Q3 2011
(In reply to David Chan [:dchan] from comment #1)
> How does the use of browserid change the interaction of admins/editors with
> the privileged sections of AMO? Does logging in with browserid currently
> allow the same privileges as going through the standard AMO login? 

This is just another layer of defense for accounts with lots of privilege since browserid is a baby and still "experimental".
(Reporter)

Updated

7 years ago
Target Milestone: Q3 2011 → 6.2.5
(Reporter)

Updated

7 years ago
Target Milestone: 6.2.5 → 6.2.7
(Reporter)

Updated

7 years ago
Blocks: 688216
(Assignee)

Comment 4

6 years ago
https://github.com/jbalogh/zamboni/commit/0eb323be7e927541406d2bfa29129fa628739373
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.