[pytest-dev] Enabling 2FA for pytest-dev
oliver
oliver.schoenborn at gmail.com
Thu Dec 8 13:10:15 EST 2022
Makes sense to me.
On Thu, Dec 8, 2022 at 11:42 AM Floris Bruynooghe <flub at devork.be> wrote:
> I'd also be +1 on this.
>
> Note however that the user in question did have 2FA enabled already and
> indeed this doesn't help for compromised tokens. I think we can force
> some limits on what tokens are allowed, I'm not entirely sure here and
> on how restricting this may turn out to be for people.
>
> Anyway, requiring 2FA is a decent step I support.
>
> Cheers,
> Floris
>
>
> On Thu 08 Dec 2022 at 13:17 -0300, Bruno Oliveira wrote:
>
> > Hi folks,
> >
> > Given the recent incident of suspicious activity using a stolen
> credential
> > from a pytest-dev org member, it was suggested that pytest is high-enough
> > profile that we should require 2FA for all members.
> >
> > I'm definitely +1 on this, sending this message here in case someone
> wants
> > to voice concerns.
> >
> > Cheers,
> > Bruno.
> > _______________________________________________
> > pytest-dev mailing list
> > pytest-dev at python.org
> > https://mail.python.org/mailman/listinfo/pytest-dev
> _______________________________________________
> pytest-dev mailing list
> pytest-dev at python.org
> https://mail.python.org/mailman/listinfo/pytest-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.python.org/pipermail/pytest-dev/attachments/20221208/d1123aaa/attachment.html>
More information about the pytest-dev
mailing list