Episode 332 - PyPI: 2FA or not 2FA, that is the question

Open Source Security

July 18, 2022 · 39m 1s

Show Notes

Josh and Kurt talk about PyPI mandating two-factor authentication for the top 1% of projects. It feels like a simple idea, but it's not when you start to think about it. What problems does 2FA solve? How common are these attacks? What are the second- and third-order effects of mandating 2FA? This episode should have something for everyone on all sides of this discussion to violently disagree with.