[python-committers] Security: please enable 2-factor authentication on GitHub and your email
Victor Stinner
victor.stinner at gmail.com
Tue Dec 12 04:56:44 EST 2017
2017-12-11 17:19 GMT+01:00 Chris Jerdonek <chris.jerdonek at gmail.com>:
> Why do you say this? Can't this only be true for accounts that allow
> password recovery / reset via email?
>
> --Chris
While I didn't check, but I'm quite sure that the email quickly enters
into the play when you want to recover your GitHub account when you
lost everything (password, 2FA key, recovery code).
At least, the email was the key to break the security in one "I have
been hacked" article. Hum, I think that it was this article:
https://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/
The story is related to "password reset": Google (Gmail), Apple,
Twitter, Amazon, etc.
Victor
More information about the python-committers
mailing list