[m2e-dev] Enforce 2FA for comiters on github?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[m2e-dev] Enforce 2FA for comiters on github?

From: Christoph Läubrich <laeubi@xxxxxxxxxxxxxx>
Date: Wed, 1 Feb 2023 19:37:30 +0100
Delivered-to: m2e-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/m2e-dev/>
List-help: <mailto:m2e-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/m2e-dev>, <mailto:m2e-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/m2e-dev>, <mailto:m2e-dev-request@eclipse.org?subject=unsubscribe>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.6.0

See below the message from Mikaël Barbero regarding 2FA.

I think 2FA is a key concept in today security concepts and thereforelike to suggest to enforce 2FA for m2e + tycho.

If no one has a strong reason to not do that (please raise concerns nolater than 12. Feb 2023), I'll open tickets in the HelpDesk to enable this.


best
 Christoph

Am 01.02.23 um 18:30 schrieb Mikael Barbero via eclipse.org-committers:

Dear committers,
I wanted to share some positive news regarding security posture of our1000+ Github repositories. During the course 2022Q4, the number ofcommitters that have 2FA (two-factor authentication) activated on GitHubhas increased by 8.8%.
This means that *63.8% of all Eclipse committers on GitHub are now using2FA*. It helps protecting your codebase and prevent unauthorized access.Also, approximately 31% of the GitHub organizations managed by theEclipse Foundation have 90% or more of their committers using two-factorauthentication (2FA), which is an 18% increase from the previous quarter.
If you did not do it yet, we encourage you to activate 2FA today, on allplatforms where it’s available. There are plenty of reasons to do so<https://mikael.barbero.tech/blog/post/2022-11-22-2fa-for-developers/>.See below links to documentation how to activate 2FA for code under thestewardship of the Eclipse Foundation:
For projects hosted at GitHub<https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication>For projects hosted at gitlab.eclipse.org<https://gitlab.eclipse.org/help/user/profile/account/two_factor_authentication.md>
*Finally, if you are willing to make 2FA mandatory for all committers onyour project, feel free to **open a ticket at our help desk*<https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/new?issue%5Btitle%5D=Enforce%202FA%20for%20all%20committers%20on%20my%20project>*, and we will work with you to make it happen.*
*
*
Thanks again!


*Mikaël Barbero *
*Head of Security | Eclipse Foundation*
🐦 @mikbarbero
📅 Book an appointment <https://calendar.app.google/K1N73kjhE57xHgND9>
Eclipse Foundation <http://www.eclipse.org/>: The Platform for OpenInnovation and Collaboration
_______________________________________________
eclipse.org-committers mailing list
eclipse.org-committers@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/eclipse.org-committers

Prev by Date: [m2e-dev] Latest build failed
Next by Date: [m2e-dev] M2E 2.2.0 is released
Previous by thread: [m2e-dev] Latest build failed
Next by thread: [m2e-dev] M2E 2.2.0 is released
Index(es):
- Date
- Thread

Breadcrumbs