On 2020-04-26 21:02:34 +0200 (+0200), Bernd Zeimetz wrote:
> On 4/26/20 8:30 PM, Bastian Blank wrote:
> > On Sat, Apr 25, 2020 at 11:14:39PM +0200, Bernd Zeimetz wrote:
> >> Actually I think 2FA should be enforced for everybody.
> >
> > No, we don't enforce 2FA for everybody. And I don't consider it
> > appropriate to raise the option.
>
> Could you explain why?
>
> There is nothing bad about an extra bit of security.

Actually, there is. "Security" is always a balance of inconvenience. Add too many "extra bits of security" and your users will decide that working around your security model is easier than adhering to it, undermining the robustness of the system as a whole. The classic (pre-password-manager) example was systems requiring complex passwords leading to users writing them on slips of paper and sticking them to the edges of their serial terminals.

You're already seeing quite a few folks responding that being required to use an additional application or device each time they authenticate would be an inconvenience to them. This is a signal. I personally wouldn't enjoy being prompted to activate my TOTP client software every time I invoke `git push`, so I can understand the resistance to your proposal.

-- 
Jeremy Stanley