nunit / governance

This repository holds documentation about how the NUnit Project is governed

Switch organization to require multi-factor authentication #40

Closed rprouse closed 3 years ago

rprouse commented 3 years ago

The .NET Foundation is asking its member projects to enforce multi-factor authentication to improve security. This is something I've been planning on doing for a while, so no time like the present.

More info on how to enable 2FA for your organization: https://docs.github.com/en/organizations/keeping-your-organization-secure/requiring-two-factor-authentication-in-your-organization

More info on how to enable 2FA for the individual user: https://docs.github.com/en/github/authenticating-to-github/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication

I am most worried about the core team and active members. The following people need to enable 2FA. If you don't already have a 2FA app, I'd recommend Authy, it works on all platforms and syncs your MFA between them.

Core Team: @CharliePoole, @ChrisMaddock, @mikkelbu
Team members and frequent contributors: @stevenaw, @oznetmaster, @JustinRChou, @Dreamescaper, @halex2005, @lundmikkel

For such a large team, we're in pretty good shape. Most people already have it enabled.

I'm also going to remove the old Contributors and Previous Contributors teams. With all the bitcoin mining in actions and other hacks going on, I'd like to see a smaller group with privileges.

jnm2 commented 3 years ago

I also recommend Authy if you aren't already using a 2FA app.

rprouse commented 3 years ago

I've removed the unused teams and most people that aren't on project teams. I've left a few people that are active and help out.

One other person that needs to enable MFA is @Poimen.

If I removed anyone from the organization by mistake, please let me know and I will re-add them.

stevenaw commented 3 years ago

Huh, I had thought I had already enabled this. Done, thanks @rprouse

Poimen commented 3 years ago

@rprouse thanks for the reminder, MFA should be enabled now 😄

Dreamescaper commented 3 years ago

Thanks, done!

ChrisMaddock commented 3 years ago

Done, thank you. 🙂

CharliePoole commented 3 years ago

Done as well.

FWIW, the situation where one device is a Linux box and the other is a virtual Windows machine running under VirtualBox is a bit tricky. To add the second device, you need to get a code on the first one, then switch. Best to copy the code when most of the allowed 30 seconds are still available so it doesn't expire. Of course, that requires copy / paste support enabled for the virtual machine. If I had to do it all over, I'd start with my phone.

oznetmaster commented 3 years ago

All set here.

rprouse commented 3 years ago

@mikkelbu can you update to MFA soon? I don't want you to get removed from the org when we update.

mikkelbu commented 3 years ago

I'll try to do it this weekend, but at the moment my spare time is very limited (almost nonexistent).

mikkelbu commented 3 years ago

I've enabled 2FA using Authy.

rprouse commented 3 years ago

MFA has been enabled on the organization. Thanks for your help, everyone.