[python-committers] Re: Please make sure you're following good security practices with your GitHub account

Le 6/16/21 à 10:50 AM, Antoine Pitrou a écrit : > It's as reliable as printing passwords on a piece of paper, isn't it? The password is *something you know*, so we (all?) agree: printing it is a bad idea. The 2nd factor is *something you have*, so printing them is not an issue, and having them in

[python-committers] Re: Please make sure you're following good security practices with your GitHub account

On 16/06/2021 10.50, Antoine Pitrou wrote: > > Le 16/06/2021 à 10:33, Christian Heimes a écrit : >> On 16/06/2021 07.14, Julien Palard via python-committers wrote: >>> I do use a Yubikey too. >>> >>> Le 6/14/21 à 11:27 PM, Tim Peters a écrit : If I buy one and plug it in, and that's the end o

[python-committers] Re: Please make sure you're following good security practices with your GitHub account

Le 16/06/2021 à 07:14, Julien Palard via python-committers a écrit : I do use a Yubikey too. Le 6/14/21 à 11:27 PM, Tim Peters a écrit : If I buy one and plug it in, and that's the end of it, fine by me That's almost as simple as you want: - In Github settings 2FA tab you'll have to hit a "

[python-committers] Re: Please make sure you're following good security practices with your GitHub account

Le 16/06/2021 à 10:33, Christian Heimes a écrit : On 16/06/2021 07.14, Julien Palard via python-committers wrote: I do use a Yubikey too. Le 6/14/21 à 11:27 PM, Tim Peters a écrit : If I buy one and plug it in, and that's the end of it, fine by me That's almost as simple as you want: - In

[python-committers] Re: Please make sure you're following good security practices with your GitHub account

On 16/06/2021 07.14, Julien Palard via python-committers wrote: > I do use a Yubikey too. > > Le 6/14/21 à 11:27 PM, Tim Peters a écrit : >> If I buy one and plug it in, and that's the end of it, fine by me > > That's almost as simple as you want: > > - In Github settings 2FA tab you'll have to

[python-committers] Re: Please make sure you're following good security practices with your GitHub account

Something I'd like to add to the discussion: 2FA on Github only applies to the website, not the SSH access: https://docs.github.com/en/github/authenticating-to-github/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication#authenticating-on-the-co

[python-committers] Re: Please make sure you're following good security practices with your GitHub account

On Wed, 16 Jun 2021 at 06:15, Julien Palard via python-committers wrote: > > I do use a Yubikey too. I'm not particularly bothered by the debate over 2FA (I have a 2FA app on my phone that I use and that's sufficient) but I'd like to offer a counter argument to everyone saying Yubikeys are a stra