On 4/26/20 12:41 AM, Thomas Goirand wrote: > On 4/25/20 11:14 PM, Bernd Zeimetz wrote: >> Actually I think 2FA should be enforced for everybody. >> Even debian.org related passwords might get lost. > > I use strong password, stored with keepassxc, with the password db > encrypted using the HMAC of my yubikey. In what way is this not safe > enough already? 2FA will add nothing in my case, just more annoyance. And then somebody sends you a phishing mail and you enter your password into salsa.debiana.org... And if it doesn't happen to you, it happens to somebody else. Or you or somebody else has to use a more public or work computer for whatever reason. There are more ways to loose a password than you seem to be able to think of. Bernd -- Bernd Zeimetz Debian GNU/Linux Developer http://bzed.de http://www.debian.org GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F
- Re: Salsa update: no more "-guest" and more Bernd Zeimetz
- Re: Salsa update: no more "-guest" and mor... Bastian Blank
- Re: Salsa update: no more "-guest" and... Bernd Zeimetz
- Re: Salsa update: no more "-guest"... Debian/GNU
- Re: Salsa update: no more "-guest&q... Bernd Zeimetz
- Re: Salsa update: no more "-gu... Gard Spreemann
- Re: Salsa update: no more "... Phil Morrell
- Re: Salsa update: no more "... Bernd Zeimetz
- Re: Salsa update: no more "-gu... Thomas Goirand
- Re: Salsa update: no more "... Bernd Zeimetz
- Re: Salsa update: no more &... Johannes Schauer
- Re: Salsa update: no more &... Bernd Zeimetz
- Re: Salsa update: no more &... Thomas Goirand
- Re: Salsa update: no more &... Russ Allbery
- Re: Salsa update: no more &... Russ Allbery
- Re: Salsa update: no more &... Thomas Goirand
- Re: Salsa update: no more &... Russ Allbery
- Re: Salsa update: no more &... Thomas Goirand
- Re: Salsa update: no more "... Paride Legovini
- Re: Salsa update: no more &... Russ Allbery