• Latest
  • Trending
PyPI Repository Enforces 2FA for Critical Python Projects

PyPI Repository Enforces 2FA for Critical Python Projects

July 12, 2022
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023
Data Leak Hits Thousands of NHS Workers

Data Leak Hits Thousands of NHS Workers

February 20, 2023
EU Cybersecurity Agency Warns Against Chinese APTs

EU Cybersecurity Agency Warns Against Chinese APTs

February 20, 2023
How Your Storage System Will Still Be Viable in 5 Years’ Time?

How Your Storage System Will Still Be Viable in 5 Years’ Time?

February 20, 2023
The Broken Promises From Cybersecurity Vendors

Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

February 20, 2023
Instagram and Facebook to get paid-for verification

Instagram and Facebook to get paid-for verification

February 20, 2023
YouTube CEO Susan Wojcicki steps down after nine years

YouTube CEO Susan Wojcicki steps down after nine years

February 20, 2023
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022
Fibre optic interconnection linking Cameroon and Congo now operational

Fibre optic interconnection linking Cameroon and Congo now operational

July 15, 2022
Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

July 15, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Friday, 31 March, 2023
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

PyPI Repository Enforces 2FA for Critical Python Projects

by ITECHNEWS
July 12, 2022
in Infosec, Leading Stories
0 0
0
PyPI Repository Enforces 2FA for Critical Python Projects

Python Package Index (PyPI), the official third-party open-source repository for Python projects, said it will enforce a mandatory two-factor authentication (2FA) policy for projects categorized as “critical,” from both ‘Maintainers’ and ‘Owners’.

The team made the announcement on Twitter last Friday, saying that “soon, maintainers of critical projects must have 2FA enabled to publish, update or modify them.”

YOU MAY ALSO LIKE

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Data Leak Hits Thousands of NHS Workers

Further, PyPI offered free hardware security keys from the Google Open Source Security Team to developers of critical projects who had not previously turned on 2FA on PyP.

“To ensure that these maintainers can use strong 2FA methods, we’re also distributing 4000 hardware security keys,” read the Twitter post.

The repository account also specified the eligibility criteria for the new policy: “any project in the top 1% of downloads over the prior six months is designated as critical (as well as PyPI’s own dependencies).”

At the same time, the team clarified that once a project has been classified as “critical” it should remain in that category indefinitely, even if it drops out of the top 1% downloads list.

Moreover, the developers enabled a feature that will allow any project to opt-in to a 2FA requirement for its maintainers. According to PyPI, the feature can be enabled in the settings for each individual project and enabled/disabled for non-critical projects at any time.

“Ensuring that the most widely used projects have these protections against account takeover is one step towards our wider efforts to improve the general security of the Python ecosystem for all PyPI users,” wrote the team.

The developers set up a dedicated webpage to enable users to track the development of the new feature.

The move is reportedly intended to enhance the supply chain security of the Python ecosystem, and it comes in the wake of several security incidents targeting open-source repositories over the past few months.

Source: Alessandro Mascellino Freelance Journalist
Via: Infosecurity Magazine
Tags: PyPI Repository Enforces 2FA for Critical Python Projects
ShareTweetShare
Plugin Install : Subscribe Push Notification need OneSignal plugin to be installed.

Search

No Result
View All Result

Recent News

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023
Data Leak Hits Thousands of NHS Workers

Data Leak Hits Thousands of NHS Workers

February 20, 2023
EU Cybersecurity Agency Warns Against Chinese APTs

EU Cybersecurity Agency Warns Against Chinese APTs

February 20, 2023

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023
Data Leak Hits Thousands of NHS Workers

Data Leak Hits Thousands of NHS Workers

February 20, 2023

Recent News

  • Co-Creation Hub’s edtech accelerator puts $15M towards African startups February 20, 2023
  • Data Leak Hits Thousands of NHS Workers February 20, 2023
  • EU Cybersecurity Agency Warns Against Chinese APTs February 20, 2023
  • How Your Storage System Will Still Be Viable in 5 Years’ Time? February 20, 2023
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version