Re: [arch-dev-public] Enforcing 2FA in GitHub organization
Em junho 29, 2018 5:09 Bartłomiej Piotrowski via arch-dev-public escreveu: Hi all, I want to enable mandatory two-factor authentication in our GitHub organization. Few of you unfortunately don't use it and will be effectively removed when I flip the switch, which I plan to do next week, 6th July. allanbrokeit anthraxx Atsutane Bluewind brain0 City-busz djgera eli-schwartz foutrelis lordheavy phrakture SantiagoTorres seblu shibumi vesath wonder Hi All, I have just enabled 2FA for the archlinux organization on github. The following users were removed: allanbrokeit brain0 City-busz djgera lordheavy phrakture seblu vesath wonder These users need to enable 2FA on their accounts and ask one of the owners to add them back to the organization. Regards, Giancarlo Razzolini pgpiZgP51fBSG.pgp Description: PGP signature
Re: [arch-dev-public] Enforcing 2FA in GitHub organization
Em junho 29, 2018 5:09 Bartłomiej Piotrowski via arch-dev-public escreveu: Hi all, I want to enable mandatory two-factor authentication in our GitHub organization. Few of you unfortunately don't use it and will be effectively removed when I flip the switch, which I plan to do next week, 6th July. allanbrokeit anthraxx Atsutane Bluewind brain0 City-busz djgera eli-schwartz foutrelis lordheavy phrakture SantiagoTorres seblu shibumi vesath wonder Hi Bartłomiej, I'm the manager of a github organization with more than 4k repos. Enabling mandatory 2FA is a good start. But there are some more things I would like to do: - Disable the permission for repository deletion by members (even with admin on the repo). Only owners should be able to delete repositories upon request. - Reduce the number of owners to a bare minimum. - Review all the 3rd party access and integration (so far I only saw travis). Also, I do have some scripts that use github's API to work with github's audit logs. Perhaps we can add something to our monitoring. Regards, Giancarlo Razzolini pgpQnE0ndY1k8.pgp Description: PGP signature
Re: [arch-dev-public] Enforcing 2FA in GitHub organization
[2018-06-29 10:09:21 +0200] Bartłomiej Piotrowski via arch-dev-public: > I want to enable mandatory two-factor authentication in our GitHub > organization. Few of you unfortunately don't use it and will be > effectively removed when I flip the switch, which I plan to do next > week, 6th July. No worries as far as I'm concerned: I only use GitHub once every other year... -- Gaetan
[arch-dev-public] Enforcing 2FA in GitHub organization
Hi all, I want to enable mandatory two-factor authentication in our GitHub organization. Few of you unfortunately don't use it and will be effectively removed when I flip the switch, which I plan to do next week, 6th July. allanbrokeit anthraxx Atsutane Bluewind brain0 City-busz djgera eli-schwartz foutrelis lordheavy phrakture SantiagoTorres seblu shibumi vesath wonder Bartłomiej