Episode 332 - PyPI: 2FA or not 2FA, that is the question

Open Source Security Podcast - En podcast af Josh Bressers & Kurt Seifried - Mandage

Kategorier:

Josh and Kurt talk about PyPI mandating two factor authentication for the top 1% of projects. It feels like a simple idea, but it's not when you start to think about it. What problems does 2FA solve? How common are these attacks? What are the second and third order effects of mandating 2FA? This episode should have something for everyone on all sides of this discussion to violently disagree with. Show Notes PyPI announcement NPM expired domains Morten Linderud Tweet Congratulations: We Now Have Opinions on Your Open Source Contributions

Visit the podcast's native language site