Re: The TSC has approved enabling two factor auth for GitHub


Ry Jones
 

I enabled 2FA today. A feature I did not know GitHub has is that if you remove someone, when they enable 2FA and are re-invited, you have the option to re-apply the permissions they had at the time they were removed.

I'm a lot less worried about flipping the switch on Labs now, since undoing it is so easy
Ry


On Thu, Jun 13, 2019 at 11:03 AM Ry Jones <rjones@...> wrote:
There was a vote today, and the motion to enable 2FA for the Hyperledger org on GitHub at the end of the next TSC call (20 JUN 2019) was approved.

If you are a member of the Hyperledger GitHub organization and you do not have 2FA enabled, GitHub will remove you from the org. This does not preclude rejoining in the future.

Ry

On Tue, Jun 11, 2019 at 3:40 PM Ry Jones <rjones@...> wrote:
Where we are today:
for the main org, there are three users with commit bits and no 2FA. None of these users has made a commit in over a year to any Hyperledger project as far as I can tell. Thanks to everyone that enabled two factor auth! I think it's fairly low risk to enable the requirement for 2FA at any time the TSC says it's OK.

For Labs, we have ~80 people in the org and ~20 without 2FA enabled. I haven't pushed as hard on Labs, so I suspect we should delay enabling it for a while. I haven't audited who has write bits, but I assume it's close to 100%.
Ry
--
Ry Jones
Community Architect, Hyperledger

Join toc@lists.hyperledger.org to automatically receive all group messages.