On Thursday, 11 June 2026 at 15:46, Michael Catanzaro via devel wrote: > I use 2FA for basically everything except Fedora. Yet my Fedora account > is one of my highest-value accounts. Compromise a Fedora packager and > you can push malware more or less directly to users. > > I'm afraid Fedora is just not ready for 2FA. Kerberos is currently the > biggest problem. No way would I be willing to enable 2FA before > gnome-online-accounts is able to handle ticket > renewals: > https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/work_items/171 [...]
FWIW, I've been using YubiKey-based OTP (via ykman) and fkinit for 2FA with Fedora account for quite some time now and it works quite well. Regards Dominik -- Fedora https://fedoraproject.org Deep in the human unconscious is a pervasive need for a logical universe that makes sense. But the real universe is always one step beyond logic. -- from "The Sayings of Muad'Dib" by the Princess Irulan -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
