[Pulp-dev] Requiring 2FA in Github
Tatiana Tereshchenko
ttereshc at redhat.com
Sat Jul 28 10:09:36 UTC 2018
+1, enabled.
On Fri, Jul 27, 2018 at 12:02 AM, Dennis Kliban <dkliban at redhat.com> wrote:
> +1, but I already have it enabled.
>
> On Thu, Jul 26, 2018 at 3:53 PM, David Davis <daviddavis at redhat.com>
> wrote:
>
>> I got a notification from another organization I am a member of on
>> Github[0] that they are going to require Two Factor Authentication[1] in
>> response to recent news about some malicious code being shipped in a
>> compromised npm package[2].
>>
>> We are vulnerable to having malicious code deployed to PyPI if one of our
>> Github accounts is compromised. Thus, I wonder if we should also require
>> that people with a commit bit have Two Factor Authentication enabled.
>>
>> Thoughts?
>>
>> [0] https://community.theforeman.org/t/require-2fa-for-
>> github-organization-members/10404
>> [1] https://help.github.com/articles/requiring-two-factor-au
>> thentication-in-your-organization/
>> [2] https://www.theregister.co.uk/2018/07/12/npm_eslint/
>>
>> David
>>
>> _______________________________________________
>> Pulp-dev mailing list
>> Pulp-dev at redhat.com
>> https://www.redhat.com/mailman/listinfo/pulp-dev
>>
>>
>
> _______________________________________________
> Pulp-dev mailing list
> Pulp-dev at redhat.com
> https://www.redhat.com/mailman/listinfo/pulp-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-dev/attachments/20180728/f6367c1b/attachment.htm>
More information about the Pulp-dev
mailing list