On Mon, Dec 11, 2017 at 4:44 PM, Paul Moore <p.f.mo...@gmail.com> wrote: > On 11 December 2017 at 10:16, Kushal Das <kushal...@gmail.com> wrote: >> On a related note, we should ask all committers to enable 2FA and then >> make the organization to 2FA only on github. That is a standard policy of >> many organizations on github. > > Before making such a requirement, we should ensure that doing so > doesn't harm usability. For example, I have no idea how 2FA would work > in conjunction with the command line git client on Windows, > particularly in terms of *not* prompting on every single activity, but > caching authentication appropriately. Also we should ensure that there > are viable 2FA options for people in places where mobile phone signals > are unreliable or unavailable (I come into that category :-() > > Basically, before making such a change, let's ensure it doesn't do > more harm than good. > Understood, the git command line tools work based on your ssh authentication. 2FA will only take place in case of user login using username/password.
Even before we get into long discussions about 2FA and other things, the first step should be using a nice long passphrase (not password, but passphrase) which one can remember. And if possible, use a local password manager to store it. To create the passphrases, one can use the diceware tool ($ pip install diceware ). It is packaged for Debian, and I am working on the Fedora packaging (on review state). Kushal -- CPython Core Developer Director, Python Software Foundation https://kushaldas.in _______________________________________________ python-committers mailing list python-committers@python.org https://mail.python.org/mailman/listinfo/python-committers Code of Conduct: https://www.python.org/psf/codeofconduct/