On 16/06/2021 07.14, Julien Palard via python-committers wrote: > I do use a Yubikey too. > > Le 6/14/21 à 11:27 PM, Tim Peters a écrit : >> If I buy one and plug it in, and that's the end of it, fine by me > > That's almost as simple as you want: > > - In Github settings 2FA tab you'll have to hit a "Register a new > security key" button, it make your key "blink" (blinking mean: please > touch the key to allow this action). > > - Then every time you login your key blinks and you have to touch it to > allow this action. > > And that's it. It uses an open standard called U2F [1] which works on a > variety of setups (it works with Firefox on Debian for example). It also > works on pypi.org \o/. > > If the PSF is willing to help financially, I'd recommend everyone to buy > (and register) two keys: a primary key and a backup key in case you > loose or break the first one.
Most sites with MFA support have backup/recovery codes, too. I recommend that you generate backup codes, print them out and store the printout with your important documents. It's low tech and safe. Christian _______________________________________________ python-committers mailing list -- python-committers@python.org To unsubscribe send an email to python-committers-le...@python.org https://mail.python.org/mailman3/lists/python-committers.python.org/ Message archived at https://mail.python.org/archives/list/python-committers@python.org/message/DP327KUOLMGVHUDTGTXPK6VJFSEHV4ZP/ Code of Conduct: https://www.python.org/psf/codeofconduct/
