On Mon, 2022-09-05 at 10:13 +0200, Dominik 'Rathann' Mierzejewski wrote: > Wait, what? Which countries are 2FA token illegal in? > > Regards, > Dominik
I cannot think of any reason why 2FA would be illegal in any country when TOTP is based on HMAC and by default uses SHA-1. Further if I may offer my unsolicited opinion, I am strongly in favor in requiring 2FA. And if doing it across the board is inconvenient, at least for "important" packages/roles. There's been too many supply chain incidents (see npm, github, any corporate data breach, et al.) that I think Fedora would benefit from mandating 2FA. _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
