[python-committers] Security: please enable 2-factor authentication on GitHub and your email

Victor Stinner victor.stinner at gmail.com
Tue Dec 12 04:56:44 EST 2017

2017-12-11 17:19 GMT+01:00 Chris Jerdonek <chris.jerdonek at gmail.com>:
> Why do you say this? Can't this only be true for accounts that allow
> password recovery / reset via email?
> --Chris

While I didn't check, but I'm quite sure that the email quickly enters
into the play when you want to recover your GitHub account when you
lost everything (password, 2FA key, recovery code).

At least, the email was the key to break the security in one "I have
been hacked" article. Hum, I think that it was this article:

The story is related to "password reset": Google (Gmail), Apple,
Twitter, Amazon, etc.


More information about the python-committers mailing list