On Wed, Sep 25, 2024 at 3:58 PM enh <e...@google.com> wrote: > On Wed, Sep 25, 2024 at 2:19 PM Rob Landley <r...@landley.net> wrote: >> >> On 9/25/24 10:48, enh wrote: >> > On Wed, Sep 25, 2024 at 11:14 AM Rob Landley wrote: >> > > GitHub users are now required to enable two-factor authentication as >> > > an additional security measure. Your activity on GitHub includes you >> > > in this requirement. You will need to enable two-factor >> > authentication >> > > on your account before November 07, 2024, or be restricted from >> > account >> > > actions. >> > >> > So apparently I'm losing access to microsoft github on November 7th. I >> > still >> > have https://landley.net/toybox/git/ <https://landley.net/toybox/git/> >> > but >> > that isn't particularly load-bearing. >> > >> > Anybody got any suggestions for an alternate git hosting service? I >> > haven't >> > looked around recently. >> > >> > gitlab's even worse --- they wouldn't accept the phone number i use with >> > github >> > for some reason, and suggest i give them a credit card instead. >> >> I asked on mastodon and got sourcehut.org suggested, haven't looked yet. We >> set >> up a local gitea for j-core.org a while back but never published it because >> it >> scales TERRIBLY (2 gigs ram per active connection!) Half of what github's >> used >> for is bugzilla, probably need to find one of those... > > > before you give up on github, can't you use a security key for the 2FA? > presumably > you wouldn't have the same objections to that that you do to your phone > number?
Is the only objection to the 2fa requirement that Rob doesn't want to use his phone number for an SMS code? I just set up 2fa on my github account using Bitwarden Authenticator (FOSS for Android and IOS). It was pretty easy. Installed the app, told GitHub to set up 2fa using the app, scanned a QR code shown on the laptop with my phone, entered the code shown on the app into the laptop, and I was in and set up. I logged out and back in. After entering username and password, I was prompted for a code. The auth app on the phone gave me the code without having to scan or do anything. Entered it and I was in. Pretty easy really. Unless there are other objections to setting up 2fa, I think it's much easier than moving to a different git host. (BTW I saved the recovery codes into my password manager and also set up a backup auth method for extra safety.) Ray _______________________________________________ Toybox mailing list Toybox@lists.landley.net http://lists.landley.net/listinfo.cgi/toybox-landley.net
