[python-committers] Security: please enable 2-factor authentication on GitHub and your email

Antoine Pitrou antoine at python.org
Tue Dec 12 11:21:48 EST 2017 

If some people are inclined to push for 2FA, I think it would be more
productive to write some kind of document giving advice and suggestions
and addressing all potential issues (such as backups, cross-platform
compatibility, software integration with various tools, etc.).  For
example I have 2FA enabled on Github but I just learned that U2F keys
are supposed to work with Firefox 57.0.

Regards

Antoine.


Le 12/12/2017 à 17:12, Brett Cannon a écrit :
> 
> 
> On Tue, Dec 12, 2017, 05:07 M.-A. Lemburg, <mal at egenix.com
> <mailto:mal at egenix.com>> wrote:
> 
>     I'm with David on this one. 2FA is good for admin accounts, but
>     doesn't add much protection for regular committers. Think of what
>     you're trying to protect against: git checkins are all audited and
>     can easily be undone.
> 
> 
> But David has an admin account for the repo. 😉 Anyway, it sounds like
> we're not going to force this in anyone, but perhaps it might be worth
> considering for admin accounts since they control whether force pushes
> are possible.
> 
> -brett
> 
> 
>     --
>     Marc-Andre Lemburg
>     eGenix.com
> 
>     Professional Python Services directly from the Experts (#1, Dec 12 2017)
>     >>> Python Projects, Coaching and Consulting ...  http://www.egenix.com/
>     >>> Python Database Interfaces ...           http://products.egenix.com/
>     >>> Plone/Zope Database Interfaces ...           http://zope.egenix.com/
>     ________________________________________________________________________
> 
>     ::: We implement business ideas - efficiently in both time and costs :::
> 
>        eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
>         D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
>                Registered at Amtsgericht Duesseldorf: HRB 46611
>                    http://www.egenix.com/company/contact/
>                           http://www.malemburg.com/
> 
>     _______________________________________________
>     python-committers mailing list
>     python-committers at python.org <mailto:python-committers at python.org>
>     https://mail.python.org/mailman/listinfo/python-committers
>     Code of Conduct: https://www.python.org/psf/codeofconduct/
> 
> 
> 
> _______________________________________________
> python-committers mailing list
> python-committers at python.org
> https://mail.python.org/mailman/listinfo/python-committers
> Code of Conduct: https://www.python.org/psf/codeofconduct/
>

More information about the python-committers mailing list