+1 to requiring it. I also already have it enabled. Would it be possible to either (a) turn this into a short pup and call for a vote or (b) add a date to close this email thread decision by?
Let me know if I should help write/review any. On Sat, Jul 28, 2018 at 6:09 AM, Tatiana Tereshchenko <ttere...@redhat.com> wrote: > +1, enabled. > > On Fri, Jul 27, 2018 at 12:02 AM, Dennis Kliban <dkli...@redhat.com> > wrote: > >> +1, but I already have it enabled. >> >> On Thu, Jul 26, 2018 at 3:53 PM, David Davis <davidda...@redhat.com> >> wrote: >> >>> I got a notification from another organization I am a member of on >>> Github[0] that they are going to require Two Factor Authentication[1] in >>> response to recent news about some malicious code being shipped in a >>> compromised npm package[2]. >>> >>> We are vulnerable to having malicious code deployed to PyPI if one of >>> our Github accounts is compromised. Thus, I wonder if we should also >>> require that people with a commit bit have Two Factor Authentication >>> enabled. >>> >>> Thoughts? >>> >>> [0] https://community.theforeman.org/t/require-2fa-for-githu >>> b-organization-members/10404 >>> [1] https://help.github.com/articles/requiring-two-factor-au >>> thentication-in-your-organization/ >>> [2] https://www.theregister.co.uk/2018/07/12/npm_eslint/ >>> >>> David >>> >>> _______________________________________________ >>> Pulp-dev mailing list >>> Pulp-dev@redhat.com >>> https://www.redhat.com/mailman/listinfo/pulp-dev >>> >>> >> >> _______________________________________________ >> Pulp-dev mailing list >> Pulp-dev@redhat.com >> https://www.redhat.com/mailman/listinfo/pulp-dev >> >> > > _______________________________________________ > Pulp-dev mailing list > Pulp-dev@redhat.com > https://www.redhat.com/mailman/listinfo/pulp-dev > >
_______________________________________________ Pulp-dev mailing list Pulp-dev@redhat.com https://www.redhat.com/mailman/listinfo/pulp-dev
