On 11 December 2017 at 11:27, Kushal Das <kushal...@gmail.com> wrote: > On Mon, Dec 11, 2017 at 4:44 PM, Paul Moore <p.f.mo...@gmail.com> wrote: >> On 11 December 2017 at 10:16, Kushal Das <kushal...@gmail.com> wrote: >>> On a related note, we should ask all committers to enable 2FA and then >>> make the organization to 2FA only on github. That is a standard policy of >>> many organizations on github. >> >> Before making such a requirement, we should ensure that doing so >> doesn't harm usability. For example, I have no idea how 2FA would work >> in conjunction with the command line git client on Windows, >> particularly in terms of *not* prompting on every single activity, but >> caching authentication appropriately. Also we should ensure that there >> are viable 2FA options for people in places where mobile phone signals >> are unreliable or unavailable (I come into that category :-() >> >> Basically, before making such a change, let's ensure it doesn't do >> more harm than good. >> > Understood, the git command line tools work based on your ssh authentication. > 2FA will only take place in case of user login using username/password.
Um, I use https not ssh, as for at least some of the time I'm behind a firewall that only allows https, not ssh traffic. (I know, I'm sorry - I can probably be the worst possible corner case for *any* suggestion that gets made :-)) Paul PS I'm not against the idea as a recommended practice - just concerned about making it mandatory. _______________________________________________ python-committers mailing list python-committers@python.org https://mail.python.org/mailman/listinfo/python-committers Code of Conduct: https://www.python.org/psf/codeofconduct/
