PyPI and Test PyPI now support the creation of API Tokens for use when uploading projects to PyPI, thanks to work funded by the Open Technology Fund.
These tokens are created by default with the same upload permissions as the User creating them, but can also be scoped to specific projects that User has upload privileges for. This is the first step in enforcing that Users with Two-Factor Authentication enabled must use an API Token when uploading to PyPI, rather than their password. After the Beta we’ll announce the general availability of these features and timeline for enforcement of API Tokens for Two-Factor Authentication enabled accounts. Read more on how you can help to test this feature at: https://discuss.python.org/t/pypi-security-work-multifactor-auth-progress-help-needed/1042/31 -Ernest W. Durbin III Director of Infrastructure Python Software Foundation -- You received this message because you are subscribed to the Google Groups "pypa-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pypa-dev/76e39d42-c730-4618-a5b5-baa855fce17b%40googlegroups.com.
