Closed tobiasvl closed 1 year ago
Should we keep the contact email under my domain, or set up something under @gbdev.io? I don't know whether we currently have a mail server for that domain?
Perhaps an e-mail address isn't really required as an alternative for contacting the authors of the tutorial anymore?
Email is required if a user does not have a GitHub account. As of second quarter 2023, signing up for GitHub requires three things: an email address, a web browser capable of running the non-free CAPTCHA, and a supported second factor of authentication. The last of these involves owning a FIDO U2F key such as YubiKey ($50) or a phone or tablet capable of running a TOTP authenticator app (maybe about $100 at a pawn shop). See "Raising the bar for software security: GitHub 2FA begins March 13".
Email is required if a user does not have a GitHub account
Or a Discord, IRC or Matrix account. The chat channels are mentioned at the top of the same page.
a supported second factor of authentication [which] involves owning a FIDO U2F key such as YubiKey ($50) or a phone or tablet capable of running a TOTP authenticator app (maybe about $100 at a pawn shop).
SMS is still a supported 2FA method. I can also use my laptop for 2FA with Windows Hello (Face ID or PIN), but that obviously requires Windows; I assume other OSs have similar capabilities?
oathtool
on Linux is perfectly capable of generating TOTP codes. But I'm going to predict @pinobatch will now say it requires a computer!
To be clear, I'm not against still supporting e-mail, but that either requires setting up a new e-mail address (which someone also needs to monitor) or, at the very least, adding @ISSOtm's actual e-mail address to the page so it can continue to be used (since it's mildly obfuscated in its current form, and is no longer compatible with the new URL, as it refers to the old one). Currently nobody can use e-mail to contact the authors unless they can figure out where the tutorial used to be hosted.
@tobiasvl IRC or Matrix can work so long as Discord users tolerate reports in the bridged channel.
As for SMS, in my experience, it's not available on landlines because most SMS auth providers won't fall back to a text-to-speech over a voice call. Nor is it available in countries not on a list that happens not to include Argentina. I haven't tested to see whether two people in a household who share a cell phone can use SMS.
@aaaaaa123456789 I wasn't aware of oathtool
.
TOTP is a rather simple standard protocol and you could implement your own tool if it came to that.
Now we have three questions.
I will create an address @gbdev.io
This (from https://gbdev.io/gb-asm-tutorial/help-feedback.html) no longer makes sense with the new domain: