Security News > 2023 > May > PyPI Implements Mandatory Two-Factor Authentication for Project Owners

PyPI Implements Mandatory Two-Factor Authentication for Project Owners
2023-05-29 04:58

The Python Package Index announced last week that every account that maintains a project on the official third-party software repository will be required to turn on two-factor authentication by the end of the year.

"Between now and the end of the year, PyPI will begin gating access to certain site functionality based on 2FA usage," PyPI administrator Donald Stufft said.

We may begin selecting certain users or projects for early enforcement."

The development comes nearly a year after PyPI made 2FA mandatory for critical project maintainers.

The registry is home to 457,125 projects and 704,458 users.

According to cloud monitoring service provider Datadog, 9,580 users and 4,541 projects have been identified as critical, with 2FA enabled in total for 38,248 users to date.


News URL

https://thehackernews.com/2023/05/pypi-implements-mandatory-two-factor.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Pypi 15 0 0 1 15 16