Cuberite Forum
GitHub Organisation Security - Printable Version

+- Cuberite Forum (https://forum.cuberite.org)
+-- Forum: Cuberite (https://forum.cuberite.org/forum-4.html)
+--- Forum: Discussion (https://forum.cuberite.org/forum-5.html)
+--- Thread: GitHub Organisation Security (/thread-1921.html)



GitHub Organisation Security - bearbin - 05-09-2015

I noticed on the GitHub organisation page that I was the only member of the "Owners" team with two-factor authentication enabled.

I think that to improve security of the organisation and hopefully prevent any sort of hacking/defacement we should make all owners enable 2FA.

If not enforcing this, could you please at least consider enabling 2FA on your own account?


RE: GitHub Organisation Security - bearbin - 05-09-2015

Any response?


RE: GitHub Organisation Security - NiLSPACE - 05-09-2015

What is it? As far as I understand 2FA is basicly that you need two passwords to log in. Is that correct?


RE: GitHub Organisation Security - bearbin - 05-09-2015

It means that you have to have a secondary authentication code to log in, yes.

Basically that means that either they can text you or you can install an app on your phone that generates codes on demand.

It means that an attacker would not just have to know your password, but also to have control of your phone (or tablet, etc) to get the code.


RE: GitHub Organisation Security - NiLSPACE - 05-09-2015

Okay, but what if my phone breaks? Can't I log back in then?


RE: GitHub Organisation Security - LogicParrot - 05-09-2015

I was about to ask.


RE: GitHub Organisation Security - bearbin - 05-09-2015

Yes, you can log back in because you can generate backup codes and keep them safe, and if your phone breaks you can use one of them.