Episode 332 - PyPI: 2FA or not 2FA, that is the question - podcast episode cover

Episode 332 - PyPI: 2FA or not 2FA, that is the question

Open Source Security
Jul 18, 202239 minEp. 332
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Josh and Kurt talk about PyPI mandating two factor authentication for the top 1% of projects. It feels like a simple idea, but it's not when you start to think about it. What problems does 2FA solve? How common are these attacks? What are the second and third order effects of mandating 2FA? This episode should have something for everyone on all sides of this discussion to violently disagree with.

Show Notes
For the best experience, listen in Metacast app for iOS or Android