[python-committers] Security: please enable 2-factor authentication on GitHub and your email

Alex Gaynor alex.gaynor at gmail.com
Tue Dec 12 18:57:32 EST 2017 

They require a preference to be enabled, but yeah, Security Keys in Firefox
Quantum 🎉
https://mobile.twitter.com/jamespugjones/status/912314952232267777

Alex

On Tue, Dec 12, 2017 at 11:21 AM, Antoine Pitrou <antoine at python.org> wrote:

>
> If some people are inclined to push for 2FA, I think it would be more
> productive to write some kind of document giving advice and suggestions
> and addressing all potential issues (such as backups, cross-platform
> compatibility, software integration with various tools, etc.).  For
> example I have 2FA enabled on Github but I just learned that U2F keys
> are supposed to work with Firefox 57.0.
>
> Regards
>
> Antoine.
>
>
> Le 12/12/2017 à 17:12, Brett Cannon a écrit :
> >
> >
> > On Tue, Dec 12, 2017, 05:07 M.-A. Lemburg, <mal at egenix.com
> > <mailto:mal at egenix.com>> wrote:
> >
> >     I'm with David on this one. 2FA is good for admin accounts, but
> >     doesn't add much protection for regular committers. Think of what
> >     you're trying to protect against: git checkins are all audited and
> >     can easily be undone.
> >
> >
> > But David has an admin account for the repo. 😉 Anyway, it sounds like
> > we're not going to force this in anyone, but perhaps it might be worth
> > considering for admin accounts since they control whether force pushes
> > are possible.
> >
> > -brett
> >
> >
> >     --
> >     Marc-Andre Lemburg
> >     eGenix.com
> >
> >     Professional Python Services directly from the Experts (#1, Dec 12
> 2017)
> >     >>> Python Projects, Coaching and Consulting ...
> http://www.egenix.com/
> >     >>> Python Database Interfaces ...
> http://products.egenix.com/
> >     >>> Plone/Zope Database Interfaces ...
> http://zope.egenix.com/
> >     ____________________________________________________________
> ____________
> >
> >     ::: We implement business ideas - efficiently in both time and costs
> :::
> >
> >        eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
> >         D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
> >                Registered at Amtsgericht Duesseldorf: HRB 46611
> >                    http://www.egenix.com/company/contact/
> >                           http://www.malemburg.com/
> >
> >     _______________________________________________
> >     python-committers mailing list
> >     python-committers at python.org <mailto:python-committers at python.org>
> >     https://mail.python.org/mailman/listinfo/python-committers
> >     Code of Conduct: https://www.python.org/psf/codeofconduct/
> >
> >
> >
> > _______________________________________________
> > python-committers mailing list
> > python-committers at python.org
> > https://mail.python.org/mailman/listinfo/python-committers
> > Code of Conduct: https://www.python.org/psf/codeofconduct/
> >
> _______________________________________________
> python-committers mailing list
> python-committers at python.org
> https://mail.python.org/mailman/listinfo/python-committers
> Code of Conduct: https://www.python.org/psf/codeofconduct/
>



-- 
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
GPG Key fingerprint: D1B3 ADC0 E023 8CA6
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-committers/attachments/20171212/cab96e29/attachment.html>

More information about the python-committers mailing list