On 5 September 2013 01:31, Donald Stufft <don...@stufft.io> wrote: > > On Sep 4, 2013, at 11:28 AM, Nick Coghlan <ncogh...@gmail.com> wrote: > >> The *best* answer is for a service to use 2-factor authentication >> instead of relying entirely on passwords (the "physical object" Donald >> mentioned earlier), but we don't have the resources to set that up, >> and certainly can't require it for all PyPI users (since you either >> need a physical token or a phone capable of running an app like Google >> Authenticator). > > PyPI will gain 2 Factor Auth support in Warehouse. It's something I feel > strongly > about and am going to make it work. It obviously won't be required for the > reasons you listed it but if folks turn it on then it'll be required for > their account. > Likely also projects will be able to require that their projects themselves > get > modified only by an account with 2FA enabled as well.
Yay, that's great news! :) Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
