pull down to refresh

2FA is now required for GitHub accounts. Does this concern you? Why or why not?
2FA isn't "prosecution" in my book, maybe paranoia. Depends on the meaning of the word "prosecution" tho.
But it's safe to say that anonymity on Github/Gitlab is dead. Or will be soon. If you want anonymity in FOSS you have to leave Github or any platform like it.
The FOSS community should have left Github years ago. Why they haven't is a bewildering mystery to me.
reply
It's the dev version of leaving your btc on Coinbase -- the convenience makes everything so much easier. It doesn't matter till all of a sudden it does.
reply
Where would FOSS go, as an alternative?
reply
IMO there isn't a good solution yet.
Developers could develop without Github or use a selfhosted Gitlab. And/or use Git in a p2p way. And then publish on an own website or via torrent.
Maybe someday someone will make something decentralized on Nostr or Usenet or something. But I'm not smart enough or have the time to tackle it.
reply
freespeech git platforms like codeberg
reply
Yeah, anonymity was where I was going with that title.
reply
Pretty sure you can use YubiKey as 2FA (as they support FIDO). Or 1Password (or any other OTP generating app).
Can you elaborate what is concerning here?
I, for one, want the developers of the software I use on a daily basis for sensitive stuff to secure their accounts properly.
reply
can you 2fa without phone number?
reply