[python-committers] Security: please enable 2-factor authentication on GitHub and your email

Brett Cannon brett at python.org
Mon Dec 11 14:26:30 EST 2017

On Mon, 11 Dec 2017 at 10:56 Antoine Pitrou <antoine at python.org> wrote:

> Hi Julien,
> (and welcome on this list)
> Le 11/12/2017 à 19:53, Julien Palard a écrit :
> >
> > Recovery codes are on the "something you have" side, they are not a
> secret,
> > they are a possession, so it's completly OK to keep your recovery codes
> > in your wallet.
> A random piece of paper in my wallet may not have an extremely long
> lifetime (paper is fragile).  And *one* piece of paper might be ok, but
> what if I need one for every 2FA-enabled Web site?

I print them out, trim the paper to just the codes to keep it small, and
keep the codes with my passport since I'm not about to lose track of that
important document. And there are only so many web sites that support 2FA
so the  number of pieces of paper isn't massive.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-committers/attachments/20171211/ffda34b4/attachment-0001.html>

More information about the python-committers mailing list