While there are many forms of 2FA in the world, GitLab does not support all of them. Currently, TOTP and U2F are the only supported methods [1]
This means that if we enabled it, everyone with commit access would need either a device running a TOTP-compliant program, or a U2F device such as a YubiKey. There are desktop TOTP software options such as Authy, oathtool, and Gnome Authenticator[2] [1] https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html [2] https://gitlab.gnome.org/World/Authenticator On Mon, Nov 25, 2019 at 4:41 PM Andy Peters <de...@latke.net> wrote: > > > On Nov 25, 2019, at 10:10 AM, jp charras <jp.char...@wanadoo.fr> wrote: > > > > Le 25/11/2019 à 17:53, Kevin Cozens a écrit : > >> On 2019-11-25 11:03 a.m., Seth Hillbrand wrote: > >>> 2FA would be using something like Google Authenticator on your phone, > >>> a YubiKey or SMS message code to verify your login on a computer in > >>> addition to the password. > >> > >> It may not affect me as I'm a user of KiCad and occasional reporter of > >> bugs. What gitlab activities would require 2FA? Reading the link > >> supplied about 2FA says it would send a message to a phone. I don't > >> have, or want, a cell phone. How would requiring 2FA affect others > >> without a cell phone who want to use the gitlab repo site? > >> > > > > I am also like Kevin: > > I don't have, or want, a cell phone (or any Google account). > > > > A simple password is not perfect, but at least it is easy to use and > > works from any computer install. > > Kicad gitlab repo is for a FOSS development. > > It is not for Fort Knox access management. > > 2FA will work with an email address — this is how one of my banks does it. > They send the code to the email address. It works, and isn’t too annoying, > except when the mail servers are slow to respond. > > I prefer SMS to my iPhone, which when used with iMessages, the code sent > to my iPhone goes to all of the devices connected to my iCloud account, and > then magically Safari “knows” that the message was sent and offers to fill > in the code. > > 2FA is going to be the way of the world as all banking and such move to > it, at least until a better authentication mechanism comes along. > _______________________________________________ > Mailing list: https://launchpad.net/~kicad-developers > Post to : kicad-developers@lists.launchpad.net > Unsubscribe : https://launchpad.net/~kicad-developers > More help : https://help.launchpad.net/ListHelp >
_______________________________________________ Mailing list: https://launchpad.net/~kicad-developers Post to : kicad-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~kicad-developers More help : https://help.launchpad.net/ListHelp
