[python-committers] Security: please enable 2-factor authentication on GitHub and your email

Paul Moore p.f.moore at gmail.com
Mon Dec 11 06:14:07 EST 2017

On 11 December 2017 at 10:16, Kushal Das <kushaldas at gmail.com> wrote:
> On a related note, we should ask all committers to enable 2FA and then
> make the organization to 2FA only on github. That is a standard policy of
> many organizations on github.

Before making such a requirement, we should ensure that doing so
doesn't harm usability. For example, I have no idea how 2FA would work
in conjunction with the command line git client on Windows,
particularly in terms of *not* prompting on every single activity, but
caching authentication appropriately. Also we should ensure that there
are viable 2FA options for people in places where mobile phone signals
are unreliable or unavailable (I come into that category :-()

Basically, before making such a change, let's ensure it doesn't do
more harm than good.


More information about the python-committers mailing list