[pytest-dev] Enabling 2FA for pytest-dev
Floris Bruynooghe
flub at devork.be
Thu Dec 8 11:42:34 EST 2022
I'd also be +1 on this.
Note however that the user in question did have 2FA enabled already and
indeed this doesn't help for compromised tokens. I think we can force
some limits on what tokens are allowed, I'm not entirely sure here and
on how restricting this may turn out to be for people.
Anyway, requiring 2FA is a decent step I support.
Cheers,
Floris
On Thu 08 Dec 2022 at 13:17 -0300, Bruno Oliveira wrote:
> Hi folks,
>
> Given the recent incident of suspicious activity using a stolen credential
> from a pytest-dev org member, it was suggested that pytest is high-enough
> profile that we should require 2FA for all members.
>
> I'm definitely +1 on this, sending this message here in case someone wants
> to voice concerns.
>
> Cheers,
> Bruno.
> _______________________________________________
> pytest-dev mailing list
> pytest-dev at python.org
> https://mail.python.org/mailman/listinfo/pytest-dev
More information about the pytest-dev
mailing list