Cuberite Forum

Cuberite Forum > Cuberite > Discussion > GitHub Organisation Security
Full Version: GitHub Organisation Security
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

bearbin

05-09-2015, 06:33 AM
I noticed on the GitHub organisation page that I was the only member of the "Owners" team with two-factor authentication enabled.

I think that to improve security of the organisation and hopefully prevent any sort of hacking/defacement we should make all owners enable 2FA.

If not enforcing this, could you please at least consider enabling 2FA on your own account?

bearbin

05-09-2015, 10:09 PM
Any response?

NiLSPACE

05-09-2015, 10:15 PM
What is it? As far as I understand 2FA is basicly that you need two passwords to log in. Is that correct?

bearbin

05-09-2015, 10:48 PM
It means that you have to have a secondary authentication code to log in, yes.

Basically that means that either they can text you or you can install an app on your phone that generates codes on demand.

It means that an attacker would not just have to know your password, but also to have control of your phone (or tablet, etc) to get the code.

NiLSPACE

05-09-2015, 10:52 PM
Okay, but what if my phone breaks? Can't I log back in then?

LogicParrot

05-09-2015, 10:53 PM
I was about to ask.

bearbin

05-09-2015, 11:07 PM
Yes, you can log back in because you can generate backup codes and keep them safe, and if your phone breaks you can use one of them.
Cuberite Forum > Cuberite > Discussion > GitHub Organisation Security