PyPI's 2FA Requirements Don't Go Far Enough, Researchers Say
The Python Package Index will require developers to better secure their accounts as cyberattacks ramp up, but protecting the software supply chain will take more than that.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The Python Package Index will require developers to better secure their accounts as cyberattacks ramp up, but protecting the software supply chain will take more than that.
The Python Package Index (PyPI) announced last week that every account that maintains a project on the official third-party software repository will be required to turn on two-factor authentication (2FA) by the end of the year
The Python Package Index (PyPI) has announced that it will require every account that manages a project on the platform to have two-factor authentication (2FA) turned on by the end of the year. [...]
Python's most popular package manager is intent on securing the supply chain by requiring developers to enable two-factor authentication.
PyPI also offered free hardware security keys from the Google Open Source Security Team
The maintainers of the official third-party software repository for Python have begun imposing a new two-factor authentication (2FA) condition for projects deemed "critical." "We've begun rolling out a 2FA requirement: soon, maintainers of critical projects must have 2FA enabled to publish, update, or modify them," Python Package Index (PyPI) said in a tweet last week
On Friday, the Python Package Index (PyPI), repository of open source Python projects announced plans to rollout two factor authentication for maintainers of "critical" projects. Although many praised the move, the developer of a popular Python project decided to delete his code from PyPI in retaliation. [...]