Makes sense to me. On Thu, Dec 8, 2022 at 11:42 AM Floris Bruynooghe <f...@devork.be> wrote:
> I'd also be +1 on this. > > Note however that the user in question did have 2FA enabled already and > indeed this doesn't help for compromised tokens. I think we can force > some limits on what tokens are allowed, I'm not entirely sure here and > on how restricting this may turn out to be for people. > > Anyway, requiring 2FA is a decent step I support. > > Cheers, > Floris > > > On Thu 08 Dec 2022 at 13:17 -0300, Bruno Oliveira wrote: > > > Hi folks, > > > > Given the recent incident of suspicious activity using a stolen > credential > > from a pytest-dev org member, it was suggested that pytest is high-enough > > profile that we should require 2FA for all members. > > > > I'm definitely +1 on this, sending this message here in case someone > wants > > to voice concerns. > > > > Cheers, > > Bruno. > > _______________________________________________ > > pytest-dev mailing list > > pytest-dev@python.org > > https://mail.python.org/mailman/listinfo/pytest-dev > _______________________________________________ > pytest-dev mailing list > pytest-dev@python.org > https://mail.python.org/mailman/listinfo/pytest-dev >
_______________________________________________ pytest-dev mailing list pytest-dev@python.org https://mail.python.org/mailman/listinfo/pytest-dev
