- Proposal to the TSC: enable 2FA requirement across all orgs
Re: Proposal to the TSC: enable 2FA requirement across all orgs
toggle quoted messageShow quoted text
I did an audit of the main org. Slightly over half of our 400 members are not using two factor authentication.
There is no easy way to tie those members to activity in the org.
On Tue, Jun 4, 2019 at 07:15 Arnaud Le Hors <lehors@...
I strongly believe
we need to give everyone a fair warning but I don't think we need to wait
for several months to pull the trigger either. I'd say a month at most.
This is independently
of the fact that 2FA isn't without its own pitfalls...
Arnaud Le Hors - Senior Technical Staff Member, Blockchain &
Web Open Technologies - IBM
Grimberg <agrimberg@...>, TSC <tsc@...>
[Hyperledger TSC] Proposal to the TSC: enable 2FA requirement across all
On Mon, Jun 3, 2019 at 10:00 AM Brian
Andy. I'm also guessing it's not possible to require 2FA across
only some GH repos within a given org.
Correct. This is an org-level setting.
quickest/best approach then is likely some sort of survey of
committers (as measured by commits to any repo over the last say 3
months) asking each to confirm they're using 2FA. Then those who
haven't yet confirmed can be followed up with to make sure there's no
technical barrier keeping them from moving. After some window of
(say a month), given no technical barriers, it's enabled for all repos
This is a broader discussion we should
have around marketing. In the beginning, anyone
that asked to be a member of the org
was invited. Very few members are active. If/when
we move to automated management of repos,
there will be a series of policy decisions
to make, distinct from 2FA.
Community Architect, Hyperledger
Join firstname.lastname@example.org to automatically receive all group messages.