> On Dec 11, 2017, at 9:35 AM, Paul Moore <p.f.mo...@gmail.com> wrote:
>
> Maybe I didn't understand it. Doesn't that leave me in precisely the
> same situation as a username/password, in that I have a single set of
> credentials I can use? Or is the fact that it's tied to the specific
> machine the point here? If so, then thanks, I can certainly use that
> should someone decide that mandating 2FA is a good idea (I still
> maintain that recommended but not mandatory is better, as my GH
> account is not used solely for CPython development, so making such a
> change has wider effects than just for this project).
It is true that this weakens the guarantees of 2FA (as does allowing
authentication using an SSH key!). In general this trade-off is worth it because
the authority granted by those credentials is limited (in this case, I believe
you can only push/pull with them; you can't do anything else on the account)
and they're typically only used in contexts where leaking the credential is far,
far harder. As a bonus, they're not going to be shared between multiple
services.
So yeah, it's not as good as 2FA only everywhere, but the specific circumstances
around these specific credentials make it a reasonable usability trade-off to
allow them.
_______________________________________________
python-committers mailing list
python-committers@python.org
https://mail.python.org/mailman/listinfo/python-committers
Code of Conduct: https://www.python.org/psf/codeofconduct/