On Thu, Jun 11, 2026 at 3:34 PM Adam Williamson <[email protected]> wrote:
> I've had 2FA turned on on my account for years, and I deal with it. So have I (and I do (deal)). Would I prefer my FIDO2 key just worked (like it does with github, and numerous other services)? Sure. But the TOTP token is at least a good first step[0]. > We really, really, really need to mandate > 2FA for proven packagers at minimum. When that was last proposed some PP's said they would leave the project rather than do so. I do not know if many still believe that, or would actually do that, but even if so, it is long past time to require 2FA (I was of the opinion it was long past time more than two years ago, so consider this an echo from the past). [0] Perfect is the enemy of good enough. -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
