4 Apr
2024
4 Apr
'24
10:46
On Thu, Apr 4, 2024 at 12:16 PM Atri Bhattacharya
2. Perhaps it is time to allow 2FA, and indeed make it mandatory, for packagers on build.o.o. 2FA is certainly not hack-proof, but it is better than the simple password based authentication we currently use. This will also cut down on spam comments, that have been slowly growing in number.
How will it interoperate with API (in particular, osc)? Anyway, users are authenticated by the external identity provider so it is rather the question to IDP whether it can support 2FA.