this post was submitted on 14 Aug 2023
16 points (100.0% liked)

Free and Open Source Software

17941 readers
25 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

I just received an email from Github that they are now ofically begin to require users who contribute code need to have 2FA enabled.

Why isn't password + email already sufficient? Why do I need to use a third FA to satisfy their requirements? Is it reasonable to feel stumped or angry about it?

Would like to hear your thoughts about this.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] nyan@lemmy.cafe 2 points 1 year ago (1 children)

On the one hand, security is good in the general case, and github has a right to set whatever (legal) conditions they want for the use of their services.

On the gripping hand, for the kind of stuff I've put on github in the past? Not worth even a tiny bit of additional friction, especially when I hate git to begin with. I've been procrastinating for a while now about moving or deleting existing repositories. Should get on it, I guess.

(There are also certain details of how they've executed their security upgrade, which locked some maintainers out of their projects at one point, that I don't like, and which has reduced my already low trust in them.)

[โ€“] DmMacniel@feddit.de 1 points 1 year ago

Most of my private and personal projects I host on my own server anyway but recently I began to contribute to public projects, and even if its just translations, and I would love to continue doing it. So I'll use an Authenticator then for my github account.