On Sep 4, 2013, at 11:28 AM, Nick Coghlan <ncogh...@gmail.com> wrote:
> The *best* answer is for a service to use 2-factor authentication > instead of relying entirely on passwords (the "physical object" Donald > mentioned earlier), but we don't have the resources to set that up, > and certainly can't require it for all PyPI users (since you either > need a physical token or a phone capable of running an app like Google > Authenticator). PyPI will gain 2 Factor Auth support in Warehouse. It's something I feel strongly about and am going to make it work. It obviously won't be required for the reasons you listed it but if folks turn it on then it'll be required for their account. Likely also projects will be able to require that their projects themselves get modified only by an account with 2FA enabled as well. ----------------- Donald Stufft PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
