[python-committers] Security: please enable 2-factor authentication on GitHub and your email

Antoine Pitrou antoine at python.org
Mon Dec 11 07:58:25 EST 2017


On 11/12/2017 at 13:55, Victor Stinner wrote:
> 2017-12-11 13:51 GMT+01:00 Antoine Pitrou <antoine at python.org>:
>> Before recommending anything you/we should first give guidelines and
>> best practices for backup etc.
>>
>> If you lose your 2FA device and don't have some kind of fallback your
>> accounts may be screwed.  As usual, security can conflict with usability
>> and the long-term availability of data.
> 
> Hum, in my first email I wrote:
> 
> """
> * Enable 2-factor auth on GitHub and Bitbucket using Yubikey
> * Print two-step recovery codes on paper and keep it safe somewhere
> """
> 
> Using multiple tokens reduces the risk of losing access to your account.

I don't know what security experts think, but the idea of having to
print and keep around recovery codes (for each and every website I
enable 2FA on!) sounds completely braindead to me.
Do you expect to be able to find back a random piece of paper in 5
years?  I certainly don't.

Regards

Antoine.

