All,

On 12/14/21 14:25, Arnaud Le Hors wrote:
I work with the Developer Best Practices Working Group of the
Linux Foundation's Open Source Security Foundation (OpenSSF)
>
> [snip]
>
We'd like to give your project *free* MFA hardware tokens from Google
and GitHub, for use by your maintainers.

Any particular reasons why TOTP won't work just as well and not generate electronic waste?

Also no-cost and provides the same benefits as hardware tokens. And doesn't suffer from things like [1].

-chris

[1] https://www.theverge.com/2019/5/15/18625028/google-titan-security-keys-bluetooth-vulnerability-replacement-free

Reply via email to