Article 76HJJ [$] Fedora: 2FA, or not 2FA, that is the question

[$] Fedora: 2FA, or not 2FA, that is the question

by
jzb
from LWN.net on (#76HJJ)

Compromised accounts are one of the most common ways that attackerscan sneak malware into the open-source supply chain. One way toreduce account compromise is for projects to require two-factorauthentication (2FA) or multi-factor authentication (MFA), but that iseasier said than done. However, Fedora is currently discussing putting2FA requirements in place soon, following an an alleged accountcompromise that led to an AI agent causing a number of problemsfor the project. After some discussion, Fedora will begin by requiringpackagers in the "provenpackager"group to enable 2FA within the next three months or so.

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments