Em junho 29, 2018 5:09 Bartłomiej Piotrowski via arch-dev-public escreveu:
Hi all,I want to enable mandatory two-factor authentication in our GitHub organization. Few of you unfortunately don't use it and will be effectively removed when I flip the switch, which I plan to do next week, 6th July. allanbrokeit anthraxx Atsutane Bluewind brain0 City-busz djgera eli-schwartz foutrelis lordheavy phrakture SantiagoTorres seblu shibumi vesath wonder
Hi Bartłomiej, I'm the manager of a github organization with more than 4k repos. Enabling mandatory 2FA is a good start. But there are some more things I would like to do: - Disable the permission for repository deletion by members (even with admin on the repo). Only owners should be able to delete repositories upon request. - Reduce the number of owners to a bare minimum. - Review all the 3rd party access and integration (so far I only saw travis). Also, I do have some scripts that use github's API to work with github's audit logs. Perhaps we can add something to our monitoring. Regards, Giancarlo Razzolini
pgpQnE0ndY1k8.pgp
Description: PGP signature
