[python-committers] Security: please enable 2-factor authentication on GitHub and your email
julien at palard.fr
Mon Dec 11 13:53:01 EST 2017
Antoine Pitrou <antoine at python.org>:
> I don't know what security experts think, but the idea of having to
> print and keep around recovery codes (for each and every website I
> enable 2FA on!) sounds completely braindead to me.
> Do you expect to be able to find back a random piece of paper in 5
> years? I certainly don't.
The basic idea of 2FA is to cumulate something you know and
something you have.
Recovery codes are on the "something you have" side, they are not a secret,
they are a possession, so it's completly OK to keep your recovery codes
in your wallet.
It's even a good practice to keep them in your wallet: You know where
they are and they're accessible. If you break the
"thing you have" you can still identify yourself even if you're out of
If you loose your wallet, (got it stolen, dropped in the ocean, whatever),
it's no big deal: just regenerate the codes, nobody know your password,
your security is not broken.
In other words, the thief stealing a wallet is not the guy stealing
password, so everything's good, and you have to regereate your recovery
codes faster than they can meet (should be easy).
To reply to you other answer, it's not really OK to store your password and
your 2FA generating program on the same hardware, it breaks the
"something you know and something you have" separation, it's reduced to something
you have, it does no longer need two clearly separated steps to be broken.
More information about the python-committers