[Pulp-dev] Requiring 2FA in Github
David Davis
daviddavis at redhat.com
Thu Jul 26 19:53:30 UTC 2018
I got a notification from another organization I am a member of on
Github[0] that they are going to require Two Factor Authentication[1] in
response to recent news about some malicious code being shipped in a
compromised npm package[2].
We are vulnerable to having malicious code deployed to PyPI if one of our
Github accounts is compromised. Thus, I wonder if we should also require
that people with a commit bit have Two Factor Authentication enabled.
Thoughts?
[0]
https://community.theforeman.org/t/require-2fa-for-github-organization-members/10404
[1]
https://help.github.com/articles/requiring-two-factor-authentication-in-your-organization/
[2] https://www.theregister.co.uk/2018/07/12/npm_eslint/
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-dev/attachments/20180726/c921bfaf/attachment.htm>
More information about the Pulp-dev
mailing list